From 171bb02eb187ced0c8f946a14ed9bb342d31c36b Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Thu, 16 Nov 2023 19:00:22 +0000 Subject: [PATCH] Auto-Update: 2023-11-16T19:00:18.595128+00:00 --- CVE-2023/CVE-2023-262xx/CVE-2023-26221.json | 90 +- CVE-2023/CVE-2023-263xx/CVE-2023-26368.json | 4 +- CVE-2023/CVE-2023-286xx/CVE-2023-28618.json | 51 +- CVE-2023/CVE-2023-286xx/CVE-2023-28694.json | 51 +- CVE-2023/CVE-2023-286xx/CVE-2023-28696.json | 51 +- CVE-2023/CVE-2023-289xx/CVE-2023-28930.json | 51 +- CVE-2023/CVE-2023-289xx/CVE-2023-28987.json | 51 +- CVE-2023/CVE-2023-292xx/CVE-2023-29238.json | 61 +- CVE-2023/CVE-2023-294xx/CVE-2023-29425.json | 51 +- CVE-2023/CVE-2023-299xx/CVE-2023-29974.json | 67 +- CVE-2023/CVE-2023-310xx/CVE-2023-31077.json | 56 +- CVE-2023/CVE-2023-329xx/CVE-2023-32966.json | 56 +- CVE-2023/CVE-2023-358xx/CVE-2023-35877.json | 51 +- CVE-2023/CVE-2023-391xx/CVE-2023-39198.json | 134 +- CVE-2023/CVE-2023-392xx/CVE-2023-39295.json | 51 +- CVE-2023/CVE-2023-412xx/CVE-2023-41284.json | 51 +- CVE-2023/CVE-2023-412xx/CVE-2023-41285.json | 51 +- CVE-2023/CVE-2023-443xx/CVE-2023-44327.json | 4 +- CVE-2023/CVE-2023-443xx/CVE-2023-44328.json | 4 +- CVE-2023/CVE-2023-443xx/CVE-2023-44329.json | 4 +- CVE-2023/CVE-2023-443xx/CVE-2023-44330.json | 4 +- CVE-2023/CVE-2023-443xx/CVE-2023-44331.json | 4 +- CVE-2023/CVE-2023-443xx/CVE-2023-44332.json | 4 +- CVE-2023/CVE-2023-443xx/CVE-2023-44333.json | 4 +- CVE-2023/CVE-2023-443xx/CVE-2023-44334.json | 4 +- CVE-2023/CVE-2023-443xx/CVE-2023-44335.json | 4 +- CVE-2023/CVE-2023-450xx/CVE-2023-45075.json | 1828 ++++++++++++++++++- CVE-2023/CVE-2023-450xx/CVE-2023-45076.json | 1818 +++++++++++++++++- CVE-2023/CVE-2023-450xx/CVE-2023-45077.json | 1818 +++++++++++++++++- CVE-2023/CVE-2023-450xx/CVE-2023-45078.json | 1818 +++++++++++++++++- CVE-2023/CVE-2023-450xx/CVE-2023-45079.json | 1818 +++++++++++++++++- CVE-2023/CVE-2023-451xx/CVE-2023-45140.json | 57 +- CVE-2023/CVE-2023-458xx/CVE-2023-45857.json | 68 +- CVE-2023/CVE-2023-458xx/CVE-2023-45875.json | 77 +- CVE-2023/CVE-2023-460xx/CVE-2023-46014.json | 64 +- CVE-2023/CVE-2023-460xx/CVE-2023-46015.json | 64 +- CVE-2023/CVE-2023-460xx/CVE-2023-46016.json | 64 +- CVE-2023/CVE-2023-460xx/CVE-2023-46017.json | 64 +- CVE-2023/CVE-2023-460xx/CVE-2023-46018.json | 64 +- CVE-2023/CVE-2023-460xx/CVE-2023-46019.json | 64 +- CVE-2023/CVE-2023-460xx/CVE-2023-46020.json | 64 +- CVE-2023/CVE-2023-460xx/CVE-2023-46021.json | 64 +- CVE-2023/CVE-2023-462xx/CVE-2023-46201.json | 47 +- CVE-2023/CVE-2023-466xx/CVE-2023-46634.json | 47 +- CVE-2023/CVE-2023-46xx/CVE-2023-4632.json | 52 +- CVE-2023/CVE-2023-470xx/CVE-2023-47004.json | 71 +- CVE-2023/CVE-2023-470xx/CVE-2023-47040.json | 4 +- CVE-2023/CVE-2023-470xx/CVE-2023-47041.json | 4 +- CVE-2023/CVE-2023-470xx/CVE-2023-47042.json | 4 +- CVE-2023/CVE-2023-470xx/CVE-2023-47043.json | 4 +- CVE-2023/CVE-2023-470xx/CVE-2023-47044.json | 4 +- CVE-2023/CVE-2023-470xx/CVE-2023-47046.json | 4 +- CVE-2023/CVE-2023-470xx/CVE-2023-47047.json | 4 +- CVE-2023/CVE-2023-470xx/CVE-2023-47048.json | 4 +- CVE-2023/CVE-2023-470xx/CVE-2023-47049.json | 4 +- CVE-2023/CVE-2023-470xx/CVE-2023-47050.json | 4 +- CVE-2023/CVE-2023-470xx/CVE-2023-47051.json | 4 +- CVE-2023/CVE-2023-470xx/CVE-2023-47052.json | 4 +- CVE-2023/CVE-2023-470xx/CVE-2023-47053.json | 4 +- CVE-2023/CVE-2023-470xx/CVE-2023-47054.json | 4 +- CVE-2023/CVE-2023-470xx/CVE-2023-47055.json | 55 + CVE-2023/CVE-2023-470xx/CVE-2023-47056.json | 55 + CVE-2023/CVE-2023-470xx/CVE-2023-47057.json | 55 + CVE-2023/CVE-2023-470xx/CVE-2023-47058.json | 55 + CVE-2023/CVE-2023-470xx/CVE-2023-47059.json | 55 + CVE-2023/CVE-2023-470xx/CVE-2023-47060.json | 55 + CVE-2023/CVE-2023-471xx/CVE-2023-47109.json | 76 +- CVE-2023/CVE-2023-471xx/CVE-2023-47111.json | 73 +- CVE-2023/CVE-2023-471xx/CVE-2023-47114.json | 62 +- CVE-2023/CVE-2023-471xx/CVE-2023-47122.json | 68 +- CVE-2023/CVE-2023-471xx/CVE-2023-47127.json | 8 +- CVE-2023/CVE-2023-471xx/CVE-2023-47163.json | 78 +- CVE-2023/CVE-2023-471xx/CVE-2023-47164.json | 74 +- CVE-2023/CVE-2023-475xx/CVE-2023-47514.json | 55 + CVE-2023/CVE-2023-475xx/CVE-2023-47516.json | 47 +- CVE-2023/CVE-2023-476xx/CVE-2023-47610.json | 311 +++- CVE-2023/CVE-2023-476xx/CVE-2023-47611.json | 315 +++- CVE-2023/CVE-2023-476xx/CVE-2023-47614.json | 315 +++- CVE-2023/CVE-2023-476xx/CVE-2023-47652.json | 47 +- CVE-2023/CVE-2023-476xx/CVE-2023-47669.json | 51 +- CVE-2023/CVE-2023-476xx/CVE-2023-47690.json | 47 +- CVE-2023/CVE-2023-47xx/CVE-2023-4771.json | 4 +- CVE-2023/CVE-2023-480xx/CVE-2023-48052.json | 20 + CVE-2023/CVE-2023-480xx/CVE-2023-48053.json | 20 + CVE-2023/CVE-2023-480xx/CVE-2023-48054.json | 20 + CVE-2023/CVE-2023-480xx/CVE-2023-48055.json | 20 + CVE-2023/CVE-2023-480xx/CVE-2023-48056.json | 28 + CVE-2023/CVE-2023-480xx/CVE-2023-48058.json | 68 +- CVE-2023/CVE-2023-480xx/CVE-2023-48060.json | 68 +- CVE-2023/CVE-2023-480xx/CVE-2023-48063.json | 68 +- CVE-2023/CVE-2023-480xx/CVE-2023-48068.json | 67 +- CVE-2023/CVE-2023-48xx/CVE-2023-4804.json | 267 ++- CVE-2023/CVE-2023-48xx/CVE-2023-4891.json | 64 +- CVE-2023/CVE-2023-50xx/CVE-2023-5075.json | 63 +- CVE-2023/CVE-2023-50xx/CVE-2023-5078.json | 582 +++++- CVE-2023/CVE-2023-55xx/CVE-2023-5539.json | 122 +- CVE-2023/CVE-2023-59xx/CVE-2023-5913.json | 90 +- CVE-2023/CVE-2023-60xx/CVE-2023-6013.json | 55 + CVE-2023/CVE-2023-60xx/CVE-2023-6015.json | 4 +- CVE-2023/CVE-2023-60xx/CVE-2023-6016.json | 4 +- CVE-2023/CVE-2023-60xx/CVE-2023-6017.json | 55 + CVE-2023/CVE-2023-60xx/CVE-2023-6018.json | 4 +- CVE-2023/CVE-2023-60xx/CVE-2023-6019.json | 55 + CVE-2023/CVE-2023-60xx/CVE-2023-6021.json | 55 + CVE-2023/CVE-2023-60xx/CVE-2023-6022.json | 55 + CVE-2023/CVE-2023-60xx/CVE-2023-6023.json | 4 +- CVE-2023/CVE-2023-60xx/CVE-2023-6038.json | 55 + CVE-2023/CVE-2023-60xx/CVE-2023-6039.json | 93 +- CVE-2023/CVE-2023-60xx/CVE-2023-6052.json | 66 +- CVE-2023/CVE-2023-60xx/CVE-2023-6053.json | 66 +- CVE-2023/CVE-2023-60xx/CVE-2023-6074.json | 68 +- CVE-2023/CVE-2023-60xx/CVE-2023-6075.json | 58 +- CVE-2023/CVE-2023-60xx/CVE-2023-6076.json | 69 +- CVE-2023/CVE-2023-61xx/CVE-2023-6121.json | 4 +- CVE-2023/CVE-2023-61xx/CVE-2023-6176.json | 51 + README.md | 104 +- 116 files changed, 15191 insertions(+), 363 deletions(-) create mode 100644 CVE-2023/CVE-2023-470xx/CVE-2023-47055.json create mode 100644 CVE-2023/CVE-2023-470xx/CVE-2023-47056.json create mode 100644 CVE-2023/CVE-2023-470xx/CVE-2023-47057.json create mode 100644 CVE-2023/CVE-2023-470xx/CVE-2023-47058.json create mode 100644 CVE-2023/CVE-2023-470xx/CVE-2023-47059.json create mode 100644 CVE-2023/CVE-2023-470xx/CVE-2023-47060.json create mode 100644 CVE-2023/CVE-2023-475xx/CVE-2023-47514.json create mode 100644 CVE-2023/CVE-2023-480xx/CVE-2023-48052.json create mode 100644 CVE-2023/CVE-2023-480xx/CVE-2023-48053.json create mode 100644 CVE-2023/CVE-2023-480xx/CVE-2023-48054.json create mode 100644 CVE-2023/CVE-2023-480xx/CVE-2023-48055.json create mode 100644 CVE-2023/CVE-2023-480xx/CVE-2023-48056.json create mode 100644 CVE-2023/CVE-2023-60xx/CVE-2023-6013.json create mode 100644 CVE-2023/CVE-2023-60xx/CVE-2023-6017.json create mode 100644 CVE-2023/CVE-2023-60xx/CVE-2023-6019.json create mode 100644 CVE-2023/CVE-2023-60xx/CVE-2023-6021.json create mode 100644 CVE-2023/CVE-2023-60xx/CVE-2023-6022.json create mode 100644 CVE-2023/CVE-2023-60xx/CVE-2023-6038.json create mode 100644 CVE-2023/CVE-2023-61xx/CVE-2023-6176.json diff --git a/CVE-2023/CVE-2023-262xx/CVE-2023-26221.json b/CVE-2023/CVE-2023-262xx/CVE-2023-26221.json index 2420ee5fe5f..8deca80d003 100644 --- a/CVE-2023/CVE-2023-262xx/CVE-2023-26221.json +++ b/CVE-2023/CVE-2023-262xx/CVE-2023-26221.json @@ -2,16 +2,40 @@ "id": "CVE-2023-26221", "sourceIdentifier": "security@tibco.com", "published": "2023-11-08T20:15:07.313", - "lastModified": "2023-11-09T13:46:24.437", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:37:34.827", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Spotfire Connectors component of TIBCO Software Inc.'s Spotfire Analyst, Spotfire Server, and Spotfire for AWS Marketplace contains an easily exploitable vulnerability that allows a low privileged attacker with read/write access to craft malicious Analyst files. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s Spotfire Analyst: versions 12.3.0, 12.4.0, and 12.5.0, Spotfire Server: versions 12.3.0, 12.4.0, and 12.5.0, and Spotfire for AWS Marketplace: version 12.5.0.\n\n" + }, + { + "lang": "es", + "value": "El componente Spotfire Connectors de Spotfire Analyst, Spotfire Server y Spotfire para AWS Marketplace de TIBCO Software Inc. contiene una vulnerabilidad f\u00e1cilmente explotable que permite a un atacante con pocos privilegios y acceso de lectura/escritura crear archivos maliciosos de Analyst. Un ataque exitoso que utilice esta vulnerabilidad requiere la interacci\u00f3n humana de una persona distinta del atacante. Las versiones afectadas son Spotfire Analyst de TIBCO Software Inc.: versiones 12.3.0, 12.4.0 y 12.5.0, Spotfire Server: versiones 12.3.0, 12.4.0 y 12.5.0, y Spotfire para AWS Marketplace: versi\u00f3n 12.5.0." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.9, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.3, + "impactScore": 2.5 + }, { "source": "security@tibco.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-522" + } + ] + }, { "source": "security@tibco.com", "type": "Secondary", @@ -46,10 +80,60 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tibco:spotfire_analyst:12.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "949054A7-A299-4C11-9E2B-7437D6C4D801" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tibco:spotfire_analyst:12.4.0:*:*:*:*:*:*:*", + "matchCriteriaId": "C63E85E6-8519-4957-B55B-0B8F6E658B2B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tibco:spotfire_analyst:12.5.0:*:*:*:*:*:*:*", + "matchCriteriaId": "FE433F55-79E4-438C-81C7-4CEEAEE1C442" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tibco:spotfire_analytics_platform:12.5.0:*:*:*:*:aws_marketplace:*:*", + "matchCriteriaId": "55B9367D-3938-4059-BABE-72322C2AE10C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tibco:spotfire_server:12.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "0F7F5C30-950E-4483-8795-761C506BB549" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tibco:spotfire_server:12.4.0:*:*:*:*:*:*:*", + "matchCriteriaId": "4B67F529-EB21-4628-ADA2-56E76DA272EB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tibco:spotfire_server:12.5.0:*:*:*:*:*:*:*", + "matchCriteriaId": "889EE133-0CEE-429F-A58E-1F310FB981B8" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.tibco.com/services/support/advisories", - "source": "security@tibco.com" + "source": "security@tibco.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-263xx/CVE-2023-26368.json b/CVE-2023/CVE-2023-263xx/CVE-2023-26368.json index 9b143e99124..ce574341b0f 100644 --- a/CVE-2023/CVE-2023-263xx/CVE-2023-26368.json +++ b/CVE-2023/CVE-2023-263xx/CVE-2023-26368.json @@ -2,8 +2,8 @@ "id": "CVE-2023-26368", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T16:15:29.547", - "lastModified": "2023-11-16T16:15:29.547", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:44.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-286xx/CVE-2023-28618.json b/CVE-2023/CVE-2023-286xx/CVE-2023-28618.json index a6b2729e7fa..ca022eb8f78 100644 --- a/CVE-2023/CVE-2023-286xx/CVE-2023-28618.json +++ b/CVE-2023/CVE-2023-286xx/CVE-2023-28618.json @@ -2,16 +2,40 @@ "id": "CVE-2023-28618", "sourceIdentifier": "audit@patchstack.com", "published": "2023-11-12T22:15:29.190", - "lastModified": "2023-11-13T03:16:20.870", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:42:45.977", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in Marios Alexandrou Enhanced Plugin Admin plugin <=\u00a01.16 versions." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Marios Alexandrou Enhanced Plugin Admin en versiones <= 1.16." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:infolific:enhanced_plugin_admin:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.16", + "matchCriteriaId": "6B2AA469-7267-48F8-AC4F-721A9DF5885F" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/enhanced-plugin-admin/wordpress-enhanced-plugin-admin-plugin-1-16-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-286xx/CVE-2023-28694.json b/CVE-2023/CVE-2023-286xx/CVE-2023-28694.json index 18d359eab1a..94a87ba89e6 100644 --- a/CVE-2023/CVE-2023-286xx/CVE-2023-28694.json +++ b/CVE-2023/CVE-2023-286xx/CVE-2023-28694.json @@ -2,16 +2,40 @@ "id": "CVE-2023-28694", "sourceIdentifier": "audit@patchstack.com", "published": "2023-11-12T22:15:29.370", - "lastModified": "2023-11-13T03:16:20.870", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:42:33.970", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in Wbcom Designs Wbcom Designs \u2013 BuddyPress Activity Social Share plugin <=\u00a03.5.0 versions." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Wbcom Designs Wbcom Designs \u2013 Complemento BuddyPress Activity Social Share en versiones <= 3.5.0." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wbcomdesigns:buddypress_activity_social_share:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.5.0", + "matchCriteriaId": "E30E0FAC-8A43-4964-B9EE-A9633E174D97" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/bp-activity-social-share/wordpress-wbcom-designs-buddypress-activity-social-share-plugin-3-4-0-cross-site-request-forgery-csrf?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-286xx/CVE-2023-28696.json b/CVE-2023/CVE-2023-286xx/CVE-2023-28696.json index 3277e582c38..5c27382da57 100644 --- a/CVE-2023/CVE-2023-286xx/CVE-2023-28696.json +++ b/CVE-2023/CVE-2023-286xx/CVE-2023-28696.json @@ -2,16 +2,40 @@ "id": "CVE-2023-28696", "sourceIdentifier": "audit@patchstack.com", "published": "2023-11-12T22:15:29.560", - "lastModified": "2023-11-13T03:16:20.870", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:41:01.973", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in Harish Chouhan, Themeist I Recommend Tplugin <=\u00a03.9.0 versions." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Harish Chouhan, Themeist I Recommend en versiones <= 3.9.0." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:themeist:i_recommend_this:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.9.0", + "matchCriteriaId": "A94D9D57-22D4-40C0-8984-761A2FF46B6A" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/i-recommend-this/wordpress-i-recommend-this-plugin-3-8-3-cross-site-request-forgery-csrf?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-289xx/CVE-2023-28930.json b/CVE-2023/CVE-2023-289xx/CVE-2023-28930.json index 46b282d0c71..6923794b5da 100644 --- a/CVE-2023/CVE-2023-289xx/CVE-2023-28930.json +++ b/CVE-2023/CVE-2023-289xx/CVE-2023-28930.json @@ -2,16 +2,40 @@ "id": "CVE-2023-28930", "sourceIdentifier": "audit@patchstack.com", "published": "2023-11-12T22:15:29.777", - "lastModified": "2023-11-13T03:16:20.870", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:38:04.390", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in Robin Phillips Mobile Banner plugin <=\u00a01.5 versions." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Robin Phillips Mobile Banner en versiones <= 1.5." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:robinphillips:mobile_banner:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.5", + "matchCriteriaId": "2E72CCEC-06C5-49BE-8D46-AAFD04B902ED" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/mobile-banner/wordpress-mobile-banner-plugin-1-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-289xx/CVE-2023-28987.json b/CVE-2023/CVE-2023-289xx/CVE-2023-28987.json index 627af99e7a4..67462f6085f 100644 --- a/CVE-2023/CVE-2023-289xx/CVE-2023-28987.json +++ b/CVE-2023/CVE-2023-289xx/CVE-2023-28987.json @@ -2,16 +2,40 @@ "id": "CVE-2023-28987", "sourceIdentifier": "audit@patchstack.com", "published": "2023-11-12T22:15:29.960", - "lastModified": "2023-11-13T03:16:20.870", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:37:59.037", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in Wpmet Wp Ultimate Review plugin\u00a0<= 2.0.3 versions." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Wpmet Wp Ultimate Review en versiones <= 2.0.3." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpmet:wp_ultimate_review:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.0.3", + "matchCriteriaId": "9B623AB4-848F-4623-85C0-9AF7C8525AEA" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/wp-ultimate-review/wordpress-wp-ultimate-review-plugin-2-0-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-292xx/CVE-2023-29238.json b/CVE-2023/CVE-2023-292xx/CVE-2023-29238.json index 79cbd88b619..c6066f567f4 100644 --- a/CVE-2023/CVE-2023-292xx/CVE-2023-29238.json +++ b/CVE-2023/CVE-2023-292xx/CVE-2023-29238.json @@ -2,16 +2,40 @@ "id": "CVE-2023-29238", "sourceIdentifier": "audit@patchstack.com", "published": "2023-11-12T22:15:30.147", - "lastModified": "2023-11-13T03:16:20.870", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:37:54.283", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in Whydonate Whydonate \u2013 FREE Donate button \u2013 Crowdfunding \u2013 Fundraising plugin <=\u00a03.12.15 versions." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Whydonate Whydonate \u2013 FREE Donate button \u2013 Crowdfunding \u2013 Fundraising en versiones <= 3.12.15." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +80,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:whydonate:wp_whydonate:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.12.15", + "matchCriteriaId": "BC50FDC2-CB4F-4164-8D98-C04C47BFF592" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/wp-whydonate/wordpress-whydonate-plugin-3-12-13-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-294xx/CVE-2023-29425.json b/CVE-2023/CVE-2023-294xx/CVE-2023-29425.json index 7242023aeca..f19a6758bec 100644 --- a/CVE-2023/CVE-2023-294xx/CVE-2023-29425.json +++ b/CVE-2023/CVE-2023-294xx/CVE-2023-29425.json @@ -2,16 +2,40 @@ "id": "CVE-2023-29425", "sourceIdentifier": "audit@patchstack.com", "published": "2023-11-12T22:15:30.327", - "lastModified": "2023-11-13T03:16:20.870", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:37:47.260", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in plainware.Com ShiftController Employee Shift Scheduling plugin <=\u00a04.9.23 versions." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento plainware.Com ShiftController Employee Shift Scheduling en versiones <= 4.9.23." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:plainware:shiftcontroller:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "4.9.23", + "matchCriteriaId": "97B4E2D6-C02C-4CF3-9691-3E79A1B58D9E" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/shiftcontroller/wordpress-shiftcontroller-employee-shift-scheduling-plugin-4-9-23-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-299xx/CVE-2023-29974.json b/CVE-2023/CVE-2023-299xx/CVE-2023-29974.json index 52452a1e1b6..235fafa696d 100644 --- a/CVE-2023/CVE-2023-299xx/CVE-2023-29974.json +++ b/CVE-2023/CVE-2023-299xx/CVE-2023-29974.json @@ -2,19 +2,78 @@ "id": "CVE-2023-29974", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-08T21:15:08.447", - "lastModified": "2023-11-09T13:46:19.893", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:35:54.373", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue discovered in Pfsense CE version 2.6.0 allows attackers to compromise user accounts via weak password requirements." + }, + { + "lang": "es", + "value": "Un problema descubierto en Pfsense CE versi\u00f3n 2.6.0 permite a los atacantes comprometer cuentas de usuario mediante requisitos de contrase\u00f1a d\u00e9biles." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-521" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pfsense:pfsense:2.6.0:*:*:*:community:*:*:*", + "matchCriteriaId": "7F69B7B3-805F-4604-9710-80F11F5E4142" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://www.esecforte.com/cve-2023-29974-weak-password-policy/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-310xx/CVE-2023-31077.json b/CVE-2023/CVE-2023-310xx/CVE-2023-31077.json index 64cf08676e8..34fe0e0f9c6 100644 --- a/CVE-2023/CVE-2023-310xx/CVE-2023-31077.json +++ b/CVE-2023/CVE-2023-310xx/CVE-2023-31077.json @@ -2,15 +2,42 @@ "id": "CVE-2023-31077", "sourceIdentifier": "audit@patchstack.com", "published": "2023-11-10T14:15:35.923", - "lastModified": "2023-11-13T03:16:20.870", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:54:55.783", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in ReCorp Export WP Page to Static HTML/CSS plugin <=\u00a02.1.9 versions." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento ReCorp Export WP Page to Static HTML/CSS en versiones <= 2.1.9." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ { "source": "audit@patchstack.com", @@ -23,10 +50,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:myrecorp:export_wp_page_to_static_html\\/css:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.1.9", + "matchCriteriaId": "868E1CF7-EB3F-4BCA-982B-5A0A60B488D5" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/export-wp-page-to-static-html/wordpress-export-wp-page-to-static-html-css-plugin-2-1-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-329xx/CVE-2023-32966.json b/CVE-2023/CVE-2023-329xx/CVE-2023-32966.json index 95ad851278e..7af5b3bdb87 100644 --- a/CVE-2023/CVE-2023-329xx/CVE-2023-32966.json +++ b/CVE-2023/CVE-2023-329xx/CVE-2023-32966.json @@ -2,15 +2,42 @@ "id": "CVE-2023-32966", "sourceIdentifier": "audit@patchstack.com", "published": "2023-11-07T18:15:08.620", - "lastModified": "2023-11-07T19:07:44.230", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T18:19:15.237", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in CRUDLab Jazz Popups leads to Stored XSS.This issue affects Jazz Popups: from n/a through 1.8.7.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de Cross-Site Request Forgery (CSRF) en CRUDLab Jazz Popups conduce XSS Almacenado. Este problema afecta a Jazz Popups: desde n/a hasta 1.8.7." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { "source": "audit@patchstack.com", @@ -23,10 +50,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:crudlab:jazz_popups:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.8.7", + "matchCriteriaId": "654013BB-4972-4DE3-A8B5-96E822A29612" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/jazz-popups/wordpress-jazz-popups-plugin-1-8-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-358xx/CVE-2023-35877.json b/CVE-2023/CVE-2023-358xx/CVE-2023-35877.json index 13386dca815..28a4ab8b752 100644 --- a/CVE-2023/CVE-2023-358xx/CVE-2023-35877.json +++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35877.json @@ -2,16 +2,40 @@ "id": "CVE-2023-35877", "sourceIdentifier": "audit@patchstack.com", "published": "2023-11-13T17:15:07.657", - "lastModified": "2023-11-13T18:44:54.637", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T18:14:43.550", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in Vadym K. Extra User Details allows Stored XSS.This issue affects Extra User Details: from n/a through 0.5.\n\n" + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Vadym K. Extra User Details permiten almacenar XSS. Este problema afecta Extra User Details: desde n/a hasta 0.5." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vadimk:extra_user_details:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "0.5.1", + "matchCriteriaId": "EA7AF4C0-BCEB-45A1-888B-D8D7D2A29843" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/extra-user-details/wordpress-extra-user-details-plugin-0-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-391xx/CVE-2023-39198.json b/CVE-2023/CVE-2023-391xx/CVE-2023-39198.json index f17622dfbbc..b67be46295e 100644 --- a/CVE-2023/CVE-2023-391xx/CVE-2023-39198.json +++ b/CVE-2023/CVE-2023-391xx/CVE-2023-39198.json @@ -2,16 +2,40 @@ "id": "CVE-2023-39198", "sourceIdentifier": "secalert@redhat.com", "published": "2023-11-09T20:15:08.730", - "lastModified": "2023-11-09T20:51:06.133", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:16:01.260", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigger a use-after-free issue, potentially leading to a denial of service or privilege escalation." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una condici\u00f3n de ejecuci\u00f3n en el controlador QXL del kernel de Linux. La funci\u00f3n qxl_mode_dumb_create() desreferencia el qobj devuelto por qxl_gem_object_create_with_handle(), pero el identificador es el \u00fanico que contiene una referencia a \u00e9l. Esta falla permite a un atacante adivinar el valor de identificador devuelto y desencadenar un problema de use-after-free, lo que podr\u00eda provocar una denegaci\u00f3n de servicio o una escalada de privilegios." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.5, + "impactScore": 5.9 + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -46,14 +80,106 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.5", + "matchCriteriaId": "98C491C7-598A-4D36-BA4F-3505A5727ED1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc1:*:*:*:*:*:*", + "matchCriteriaId": "0B3E6E4D-E24E-4630-B00C-8C9901C597B0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc2:*:*:*:*:*:*", + "matchCriteriaId": "E4A01A71-0F09-4DB2-A02F-7EFFBE27C98D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc3:*:*:*:*:*:*", + "matchCriteriaId": "F5608371-157A-4318-8A2E-4104C3467EA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc4:*:*:*:*:*:*", + "matchCriteriaId": "2226A776-DF8C-49E0-A030-0A7853BB018A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc5:*:*:*:*:*:*", + "matchCriteriaId": "6F15C659-DF06-455A-9765-0E6DE920F29A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc6:*:*:*:*:*:*", + "matchCriteriaId": "5B1C14ED-ABC4-41D3-8D9C-D38C6A65B4DE" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", + "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", + "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D" + } + ] + } + ] + } + ], "references": [ { "url": "https://access.redhat.com/security/cve/CVE-2023-39198", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Issue Tracking", + "Third Party Advisory" + ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218332", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Issue Tracking", + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-392xx/CVE-2023-39295.json b/CVE-2023/CVE-2023-392xx/CVE-2023-39295.json index 52637a3d741..d0fe8c97342 100644 --- a/CVE-2023/CVE-2023-392xx/CVE-2023-39295.json +++ b/CVE-2023/CVE-2023-392xx/CVE-2023-39295.json @@ -2,16 +2,40 @@ "id": "CVE-2023-39295", "sourceIdentifier": "security@qnapsecurity.com.tw", "published": "2023-11-10T16:15:32.580", - "lastModified": "2023-11-13T03:16:20.870", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:57:01.447", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An OS command injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to execute commands via a network.\n\nWe have already fixed the vulnerability in the following version:\nQuMagie 2.1.3 and later\n" + }, + { + "lang": "es", + "value": "Se ha informado que una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo afecta a QuMagie. Si se explota, la vulnerabilidad podr\u00eda permitir a los usuarios autenticados ejecutar comandos a trav\u00e9s de una red. Ya hemos solucionado la vulnerabilidad en la siguiente versi\u00f3n: QuMagie 2.1.3 y posteriores." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "security@qnapsecurity.com.tw", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:qnap:qumagie:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.1.4", + "matchCriteriaId": "DD6AF145-97B1-4A7D-9059-0B9DD12B7857" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.qnap.com/en/security-advisory/qsa-23-50", - "source": "security@qnapsecurity.com.tw" + "source": "security@qnapsecurity.com.tw", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-412xx/CVE-2023-41284.json b/CVE-2023/CVE-2023-412xx/CVE-2023-41284.json index 9b6fef6f43b..18e9a18e877 100644 --- a/CVE-2023/CVE-2023-412xx/CVE-2023-41284.json +++ b/CVE-2023/CVE-2023-412xx/CVE-2023-41284.json @@ -2,16 +2,40 @@ "id": "CVE-2023-41284", "sourceIdentifier": "security@qnapsecurity.com.tw", "published": "2023-11-10T16:15:32.780", - "lastModified": "2023-11-13T03:16:20.870", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:56:51.333", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.\n\nWe have already fixed the vulnerability in the following version:\nQuMagie 2.1.4 and later\n" + }, + { + "lang": "es", + "value": "Se ha informado que una vulnerabilidad de inyecci\u00f3n SQL afecta a QuMagie. Si se explota, la vulnerabilidad podr\u00eda permitir a los usuarios autenticados inyectar c\u00f3digo malicioso a trav\u00e9s de una red. Ya hemos solucionado la vulnerabilidad en la siguiente versi\u00f3n: QuMagie 2.1.4 y posteriores." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "security@qnapsecurity.com.tw", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:qnap:qumagie:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.1.4", + "matchCriteriaId": "DD6AF145-97B1-4A7D-9059-0B9DD12B7857" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.qnap.com/en/security-advisory/qsa-23-50", - "source": "security@qnapsecurity.com.tw" + "source": "security@qnapsecurity.com.tw", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-412xx/CVE-2023-41285.json b/CVE-2023/CVE-2023-412xx/CVE-2023-41285.json index d00d92cbb19..58bdf872605 100644 --- a/CVE-2023/CVE-2023-412xx/CVE-2023-41285.json +++ b/CVE-2023/CVE-2023-412xx/CVE-2023-41285.json @@ -2,16 +2,40 @@ "id": "CVE-2023-41285", "sourceIdentifier": "security@qnapsecurity.com.tw", "published": "2023-11-10T16:15:32.967", - "lastModified": "2023-11-13T03:16:20.870", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T18:09:49.707", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.\n\nWe have already fixed the vulnerability in the following version:\nQuMagie 2.1.4 and later\n" + }, + { + "lang": "es", + "value": "Se ha informado que una vulnerabilidad de inyecci\u00f3n SQL afecta a QuMagie. Si se explota, la vulnerabilidad podr\u00eda permitir a los usuarios autenticados inyectar c\u00f3digo malicioso a trav\u00e9s de una red. Ya hemos solucionado la vulnerabilidad en la siguiente versi\u00f3n: QuMagie 2.1.4 y posteriores." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "security@qnapsecurity.com.tw", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:qnap:qumagie:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.1.4", + "matchCriteriaId": "DD6AF145-97B1-4A7D-9059-0B9DD12B7857" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.qnap.com/en/security-advisory/qsa-23-50", - "source": "security@qnapsecurity.com.tw" + "source": "security@qnapsecurity.com.tw", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-443xx/CVE-2023-44327.json b/CVE-2023/CVE-2023-443xx/CVE-2023-44327.json index ee201d357e0..17bc5b9b8ef 100644 --- a/CVE-2023/CVE-2023-443xx/CVE-2023-44327.json +++ b/CVE-2023/CVE-2023-443xx/CVE-2023-44327.json @@ -2,8 +2,8 @@ "id": "CVE-2023-44327", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T15:15:08.100", - "lastModified": "2023-11-16T15:15:08.100", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:48.293", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-443xx/CVE-2023-44328.json b/CVE-2023/CVE-2023-443xx/CVE-2023-44328.json index 36c661b7b1c..2a493771518 100644 --- a/CVE-2023/CVE-2023-443xx/CVE-2023-44328.json +++ b/CVE-2023/CVE-2023-443xx/CVE-2023-44328.json @@ -2,8 +2,8 @@ "id": "CVE-2023-44328", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T15:15:08.300", - "lastModified": "2023-11-16T15:15:08.300", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:48.293", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-443xx/CVE-2023-44329.json b/CVE-2023/CVE-2023-443xx/CVE-2023-44329.json index 2da985bd957..4cd01227ead 100644 --- a/CVE-2023/CVE-2023-443xx/CVE-2023-44329.json +++ b/CVE-2023/CVE-2023-443xx/CVE-2023-44329.json @@ -2,8 +2,8 @@ "id": "CVE-2023-44329", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T15:15:08.490", - "lastModified": "2023-11-16T15:15:08.490", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:48.293", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-443xx/CVE-2023-44330.json b/CVE-2023/CVE-2023-443xx/CVE-2023-44330.json index 69ee96b739f..10e784cf1d9 100644 --- a/CVE-2023/CVE-2023-443xx/CVE-2023-44330.json +++ b/CVE-2023/CVE-2023-443xx/CVE-2023-44330.json @@ -2,8 +2,8 @@ "id": "CVE-2023-44330", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T15:15:08.683", - "lastModified": "2023-11-16T15:15:08.683", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:48.293", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-443xx/CVE-2023-44331.json b/CVE-2023/CVE-2023-443xx/CVE-2023-44331.json index 6ca363b4ad6..ffa0e3d9689 100644 --- a/CVE-2023/CVE-2023-443xx/CVE-2023-44331.json +++ b/CVE-2023/CVE-2023-443xx/CVE-2023-44331.json @@ -2,8 +2,8 @@ "id": "CVE-2023-44331", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T15:15:08.863", - "lastModified": "2023-11-16T15:15:08.863", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:48.293", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-443xx/CVE-2023-44332.json b/CVE-2023/CVE-2023-443xx/CVE-2023-44332.json index ec761ba58c0..1e5b5c6e132 100644 --- a/CVE-2023/CVE-2023-443xx/CVE-2023-44332.json +++ b/CVE-2023/CVE-2023-443xx/CVE-2023-44332.json @@ -2,8 +2,8 @@ "id": "CVE-2023-44332", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T15:15:09.043", - "lastModified": "2023-11-16T15:15:09.043", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:48.293", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-443xx/CVE-2023-44333.json b/CVE-2023/CVE-2023-443xx/CVE-2023-44333.json index 51098165212..bae68c620cf 100644 --- a/CVE-2023/CVE-2023-443xx/CVE-2023-44333.json +++ b/CVE-2023/CVE-2023-443xx/CVE-2023-44333.json @@ -2,8 +2,8 @@ "id": "CVE-2023-44333", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T15:15:09.237", - "lastModified": "2023-11-16T15:15:09.237", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:48.293", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-443xx/CVE-2023-44334.json b/CVE-2023/CVE-2023-443xx/CVE-2023-44334.json index e233a6ad2aa..254b1ebd7ae 100644 --- a/CVE-2023/CVE-2023-443xx/CVE-2023-44334.json +++ b/CVE-2023/CVE-2023-443xx/CVE-2023-44334.json @@ -2,8 +2,8 @@ "id": "CVE-2023-44334", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T15:15:09.450", - "lastModified": "2023-11-16T15:15:09.450", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:48.293", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-443xx/CVE-2023-44335.json b/CVE-2023/CVE-2023-443xx/CVE-2023-44335.json index 08c295e1b3d..542a1e68658 100644 --- a/CVE-2023/CVE-2023-443xx/CVE-2023-44335.json +++ b/CVE-2023/CVE-2023-443xx/CVE-2023-44335.json @@ -2,8 +2,8 @@ "id": "CVE-2023-44335", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T15:15:09.630", - "lastModified": "2023-11-16T15:15:09.630", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:48.293", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-450xx/CVE-2023-45075.json b/CVE-2023/CVE-2023-450xx/CVE-2023-45075.json index 1f76f648e72..a673d77bf35 100644 --- a/CVE-2023/CVE-2023-450xx/CVE-2023-45075.json +++ b/CVE-2023/CVE-2023-450xx/CVE-2023-45075.json @@ -2,16 +2,40 @@ "id": "CVE-2023-45075", "sourceIdentifier": "psirt@lenovo.com", "published": "2023-11-08T23:15:10.900", - "lastModified": "2023-11-09T13:46:14.890", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:30:18.810", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A memory leakage vulnerability was reported in the SWSMI_Shadow DXE driver that may allow a local attacker with elevated privileges to write to NVRAM variables." + }, + { + "lang": "es", + "value": "Se inform\u00f3 una vulnerabilidad de p\u00e9rdida de memoria en el controlador SWSMI_Shadow DXE que puede permitir que un atacante local con privilegios elevados escriba en variables NVRAM." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + }, { "source": "psirt@lenovo.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + }, { "source": "psirt@lenovo.com", "type": "Secondary", @@ -46,10 +80,1798 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_c5-14imb05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4hkt3ca", + "matchCriteriaId": "141B8675-12D8-47DD-BE9E-AD147ABA4555" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_c5-14imb05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "86FABE58-B9C6-4B31-B4DF-E009DBD5CED1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_3-07ada05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4fkt39a", + "matchCriteriaId": "ACFDD765-4CF5-4786-95DF-4107341A82C9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_3-07ada05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "ED1DFA0B-0259-4F37-87E8-A989043A2B57" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_3-07imb05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2vkt21a", + "matchCriteriaId": "D20C29CF-23C5-4F77-AEC4-065E4E3F40EF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_3-07imb05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BAA6805E-2896-4EBA-BCCE-832F44D94693" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_g5-14imb05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4hkt3ca", + "matchCriteriaId": "8FBF957B-7DE5-430A-AC97-CC9BA7283F3B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_g5-14imb05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "314A6AF0-F54C-4ECB-B498-8612BF660D24" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_5-14iob6_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3gkt3da", + "matchCriteriaId": "C18FF8F0-1EB5-4172-8414-167B3670EA49" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_5-14iob6:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CF6ED930-A8C3-45A2-A2E0-536E9F732B1F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_creator_5-14iob6_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3gkt3da", + "matchCriteriaId": "BD66E3E0-5BE0-4A35-8EB6-CA714C39DD94" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_creator_5-14iob6:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0AA1F367-AEDF-4379-A94F-2484B65FE5D5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_g5-14amr05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4zkt2ba", + "matchCriteriaId": "6490B55F-1513-48A5-A623-5860F14FB79A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_g5-14amr05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F683D6E7-0C4E-454D-B108-27442E33A17B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_g5-14imb05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4hkt3ca", + "matchCriteriaId": "8FBF957B-7DE5-430A-AC97-CC9BA7283F3B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_g5-14imb05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "314A6AF0-F54C-4ECB-B498-8612BF660D24" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_gaming_5-14iob6_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3gkt3da", + "matchCriteriaId": "6B07220E-5CF7-401C-B403-BB39EC3AA9F8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_gaming_5-14iob6:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4EF3A200-2D5B-45BB-AE23-F25927BA3FA4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_mini_5_01iaq7_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o53kt10a", + "matchCriteriaId": "610522F4-EBC6-4AE6-8ADD-9957C4024DF3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_mini_5_01iaq7:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC1CAD9B-61FC-4539-83A4-E2A1D411FCDD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_mini_5-01imh05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4ekt1ba", + "matchCriteriaId": "AC7187BD-243F-4F37-B021-302B93CDCB18" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_mini_5-01imh05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BA0D9123-A945-41C3-B0CC-B1CAAF65BB8F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:legion_t7-34imz5_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o5fkt17a", + "matchCriteriaId": "581E7EF0-FCE6-4663-81CF-FB739FD9B0C4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:legion_t7-34imz5:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AD2E4E8D-942A-45E8-A5C0-86C8E5B1C511" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m625q_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1wkt52a", + "matchCriteriaId": "E5AD7477-E87F-4EE4-AC47-6495AB4BF474" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m625q:-:*:*:*:*:*:*:*", + "matchCriteriaId": "438DA928-AC10-446F-8B56-24D46B8AEDF9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m630e_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5148F0B5-0A65-4A57-89B6-5EB0CE938A38" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m630e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D53FD4A8-8352-469D-8DAE-B904FDB9DA73" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2skt29a", + "matchCriteriaId": "1A4F8008-612C-4DE9-8B82-1F55D05F5B55" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E23D10CA-F552-4D26-B350-6F0526BCC53C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m920z_all-in-one_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1mkt56a", + "matchCriteriaId": "7C515F16-4DAA-4881-96F8-934F8941E4D3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m920z_all-in-one:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C4147105-8798-4CF4-8E7B-CB8429BCAA55" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m920x_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "EA5ABB10-241E-469F-B400-E68A43AA2F1F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m920x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9DDEC1BD-4511-4231-9502-A65FFFA35116" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m920t_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "0A4E408C-5277-4246-A0F5-CC6FE716FE95" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m920t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AA136174-6A29-4DD8-BF2F-BEC629ED216B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m920s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "BF338ABE-DF38-4C3D-9703-2E9D09AB3EA8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m920s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "86CEA502-29BC-4F04-AF51-53B8CE39D1DB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m920q_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "9E4113A0-AC90-48F2-9B95-A72184788DB8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m920q:-:*:*:*:*:*:*:*", + "matchCriteriaId": "18964E52-51F6-4C64-A471-A09FB2E7A4C1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m90t_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "ED0FDD5F-4198-483C-897F-F946416AB5E1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m90t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B52C1612-1479-4A98-8EF7-DB7BF44D7396" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m90s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "762E5F0E-FF2F-46D8-9B22-6EFA795505EB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m90s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "466521C7-6E6B-473D-B188-D5FCD83375DA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m90q_tiny_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2wkt5aa", + "matchCriteriaId": "3C0EBA22-766B-478B-AEEB-1CE145395B4E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m90q_tiny:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DBAC138A-7423-455F-B039-84C7D8AEE69A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m90a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2rkt57a", + "matchCriteriaId": "7B8F5EF2-16DA-40FC-BA37-72F99CD4DC6E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m90a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F78CB731-96A7-4EB5-B179-BD73490B95C9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m820z_all-in-one_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1nkt62a", + "matchCriteriaId": "11825508-9DD7-4E7E-9CA5-A0EBD073AE0C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m820z_all-in-one:-:*:*:*:*:*:*:*", + "matchCriteriaId": "87688EEF-3935-497A-8FD3-66AF4596BFF0" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m80t_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "11F5454C-0682-4082-8D4B-8B030022A386" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m80t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3DEDED31-3B1C-4289-8056-82606B246978" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m80s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "D9B7941A-2CA3-405C-A7C5-C3D8478B6EEC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m80s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9292E0CE-B3CC-44F6-8673-3FADFA37C3F6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m80q_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2wkt5aa", + "matchCriteriaId": "7E609775-8206-4F58-B7C3-05730DC4B699" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m80q:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6E4EF5F1-4552-4298-B847-568B70D2677E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m75t_gen_2_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F21FD7B9-9104-490F-86AC-E3B70EB62591" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m75t_gen_2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2102F1DF-7A45-4080-B52A-3D51028FE82A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m75s_gen_2_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B86C3BD3-6184-4875-9AEF-6325F2D047BA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m75s_gen_2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "04B34D9E-9504-4CEF-8056-01C6BAEAB8CF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m75q_gen_2_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m47kt30a", + "matchCriteriaId": "4E1C9AFE-231E-40AB-AAD7-380363BDE625" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m75q_gen_2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B02FFC22-94FE-483A-994A-645C699CAD5D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m75n_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m33kt27a", + "matchCriteriaId": "8034A246-7FEA-4F66-B52D-1E5EBE21E69E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m75n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8644D2E7-B6C7-4E0F-B8C4-37ADAEAEDC03" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m720t_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "5B08DD83-C12A-4AE5-B97C-39D9123FA6DC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m720t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CAC3DBF5-3CE2-48BE-82E2-F52A776E68E6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m720s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "CC778074-3CCB-4B6B-800D-E38CFA154DD8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m720s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3C245AA0-A5AA-4375-B781-23159D4F69B3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m720q_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "3644C44C-C8A2-4A0F-BA58-963751BAFC0E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m720q:-:*:*:*:*:*:*:*", + "matchCriteriaId": "90230B12-DF65-4D6B-90E0-65F523BA98CF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70t_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "33905836-A97A-4025-B7C1-D6A0C60ECB4E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "00CF1B6A-A36C-4035-B248-664B6DB3B4B4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "C380E026-CA09-4CF5-9D09-679D612FE983" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C3B56DE3-5438-4117-89B7-92F065959CAC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70q_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2wkt5aa", + "matchCriteriaId": "146E13B8-7C62-4A29-80F3-9E85B8012920" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70q:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8FC6E24C-E4DC-4773-A448-FBC56C47B9DA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70c_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2vkt21a", + "matchCriteriaId": "624B1338-27AD-4458-BE00-5BFB95EDA746" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "70407537-85BD-4672-B71F-59E4D731169E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50t-13iob_g2_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3gkt3da", + "matchCriteriaId": "C465DCCA-D769-4DE2-92F7-2943533547BD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50t-13iob_g2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E839B843-1748-4A0A-A0E3-F799794F85BE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v55t_gen_2_13acn_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o5jkt23a", + "matchCriteriaId": "B1460514-7282-4491-805C-F41359C3BF94" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v55t_gen_2_13acn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "ABBD7AD6-C762-4F5D-B995-2D18C23E21AE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50t-13imh_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m4pkt13a", + "matchCriteriaId": "4F796ABD-C150-458A-BF7D-5E8D611F946F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50t-13imh:-:*:*:*:*:*:*:*", + "matchCriteriaId": "32BC35F7-58B4-4881-9C20-D79A1CF1E955" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50t-13imb_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4hkt3ca", + "matchCriteriaId": "2D82B9E8-A1A0-46BE-896B-1043C8241807" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50t-13imb:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0EBA5749-B2A7-4BA3-B9AF-5507C0E6BEFD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50s-07imb_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2vkt21a", + "matchCriteriaId": "4F859DB9-8603-45F7-B289-72DD353F9FFC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50s-07imb:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D3A907A6-060C-45FE-8A9E-F297BBD4F80E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50a-24imb_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m36kt32a", + "matchCriteriaId": "1CB01D3D-0336-4959-93E0-3247A8983AD8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50a-24imb:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E4DBBA7C-5632-430E-8B44-46FC4D6D6D66" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50a-22imb_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m36kt32a", + "matchCriteriaId": "8930211A-E679-43B9-A9A5-2FCDC6B55FC3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50a-22imb:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E9A7D14D-C6AB-4951-A47D-D8AE79D8E32C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v30a-24iml_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m37kt31a", + "matchCriteriaId": "51834203-9156-45DD-929A-5D3F64E0BC5F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v30a-24iml:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6CC862A9-07AF-4110-8E11-DB41B25863A5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v30a-22iml_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m37kt31a", + "matchCriteriaId": "E4257F53-9D2B-4F80-B996-D37FFDF868FE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v30a-22iml:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A8CA790E-5003-48CF-BE48-4F631CE4FAAB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70c_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2vkt21a", + "matchCriteriaId": "624B1338-27AD-4458-BE00-5BFB95EDA746" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "70407537-85BD-4672-B71F-59E4D731169E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkedge_se30_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3fkt2da", + "matchCriteriaId": "6F2187DF-FD19-4036-8F46-1CCF33539DB5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkedge_se30:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4027F7E6-2E72-4530-8971-7FDA383ED87D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p920_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9A7F9E5D-8367-495C-806C-E07465735A0C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p920_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FC1F1D8F-CD7F-4957-9556-35B912DB4F9B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p720_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B445A5E3-7FB1-4920-9A6E-E074FCC10A4C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p720_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0A7E407C-7A05-4CE1-9B42-56B635245F56" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p520c_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5EEFE5BC-5E83-4056-A22B-737297FB291D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p520c_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "62FED917-5884-44EE-AE56-2B443C5B18B8" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p520_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4E12AEA4-2BB1-4EB0-9FD2-29237C30E7B5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p520_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D49B4738-AEFD-4E09-857A-0FB0D1698F69" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p360_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9F3DF4D1-B565-436E-AACD-46CE46D27E60" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p360_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "44859B5B-738F-444F-AA40-FFF62DFED9A8" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p360_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "s0ekt45a", + "matchCriteriaId": "9C74C0DB-5061-4BBA-8CAF-406CEE2840BC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p360_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "44859B5B-738F-444F-AA40-FFF62DFED9A8" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p350_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5A26F947-3187-482A-BFA7-85AF1EC83039" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p350_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "ECC390ED-7DA0-4022-84A9-586BC9BC3AF7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p348_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3kkt3ba", + "matchCriteriaId": "21675C07-5CC7-448C-82C1-888F882EC574" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p348_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "00A72988-AF0B-43B3-BF99-7C334C47CA63" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p340_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "s08kt55a", + "matchCriteriaId": "0EDD83EB-6D55-40D6-A58D-F2C8769F0C1A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p340_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "88439DB2-AF94-41AE-838A-B66B82A98790" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p340_tiny_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2wkt5aa", + "matchCriteriaId": "AAFD3CA1-2A1F-4FD8-859A-F75F7087CD9E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p340_tiny_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BAED0A02-2DE5-4DE4-AB0E-702198785924" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p330_workstation_2nd_gen_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1vkt72a", + "matchCriteriaId": "E427CA99-9A9C-4965-9674-665B77DB9AF0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p330_workstation_2nd_gen:-:*:*:*:*:*:*:*", + "matchCriteriaId": "025B6549-B85A-420E-AC12-64DE265196A7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p330_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1vkt72a", + "matchCriteriaId": "9214F8AE-74AD-4296-A3CE-D55C9BAEB331" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p330_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "94E2238E-8A45-4BE5-8D21-9DC5F991312D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p330_tiny_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "49610A74-2167-41A4-B57C-1DE57F0518A7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p330_tiny_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E1449EE6-FB7F-45D7-8106-787AEFA31200" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p320_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "s06kt64a", + "matchCriteriaId": "278A0F1E-87A1-4D08-B740-8A2DFA8488E0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p320_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9D97ED54-608E-459D-BEA7-83C8442EC60A" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.lenovo.com/us/en/product_security/LEN-141775", - "source": "psirt@lenovo.com" + "source": "psirt@lenovo.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-450xx/CVE-2023-45076.json b/CVE-2023/CVE-2023-450xx/CVE-2023-45076.json index d0462085176..4faa189ea39 100644 --- a/CVE-2023/CVE-2023-450xx/CVE-2023-45076.json +++ b/CVE-2023/CVE-2023-450xx/CVE-2023-45076.json @@ -2,16 +2,40 @@ "id": "CVE-2023-45076", "sourceIdentifier": "psirt@lenovo.com", "published": "2023-11-08T23:15:11.077", - "lastModified": "2023-11-09T13:46:14.890", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:36:15.903", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A memory leakage vulnerability was reported in the 534D0140 DXE driver that may allow a local attacker with elevated privileges to write to NVRAM variables.\n" + }, + { + "lang": "es", + "value": "Se inform\u00f3 una vulnerabilidad de p\u00e9rdida de memoria en el controlador DXE 534D0140 que puede permitir que un atacante local con privilegios elevados escriba en variables NVRAM." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + }, { "source": "psirt@lenovo.com", "type": "Secondary", @@ -46,10 +70,1798 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_c5-14imb05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4hkt3ca", + "matchCriteriaId": "141B8675-12D8-47DD-BE9E-AD147ABA4555" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_c5-14imb05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "86FABE58-B9C6-4B31-B4DF-E009DBD5CED1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_3-07ada05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4fkt39a", + "matchCriteriaId": "ACFDD765-4CF5-4786-95DF-4107341A82C9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_3-07ada05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "ED1DFA0B-0259-4F37-87E8-A989043A2B57" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_3-07imb05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2vkt21a", + "matchCriteriaId": "D20C29CF-23C5-4F77-AEC4-065E4E3F40EF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_3-07imb05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BAA6805E-2896-4EBA-BCCE-832F44D94693" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_g5-14imb05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4hkt3ca", + "matchCriteriaId": "8FBF957B-7DE5-430A-AC97-CC9BA7283F3B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_g5-14imb05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "314A6AF0-F54C-4ECB-B498-8612BF660D24" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_5-14iob6_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3gkt3da", + "matchCriteriaId": "C18FF8F0-1EB5-4172-8414-167B3670EA49" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_5-14iob6:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CF6ED930-A8C3-45A2-A2E0-536E9F732B1F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_creator_5-14iob6_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3gkt3da", + "matchCriteriaId": "BD66E3E0-5BE0-4A35-8EB6-CA714C39DD94" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_creator_5-14iob6:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0AA1F367-AEDF-4379-A94F-2484B65FE5D5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_g5-14amr05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4zkt2ba", + "matchCriteriaId": "6490B55F-1513-48A5-A623-5860F14FB79A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_g5-14amr05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F683D6E7-0C4E-454D-B108-27442E33A17B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_g5-14imb05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4hkt3ca", + "matchCriteriaId": "8FBF957B-7DE5-430A-AC97-CC9BA7283F3B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_g5-14imb05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "314A6AF0-F54C-4ECB-B498-8612BF660D24" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_gaming_5-14iob6_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3gkt3da", + "matchCriteriaId": "6B07220E-5CF7-401C-B403-BB39EC3AA9F8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_gaming_5-14iob6:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4EF3A200-2D5B-45BB-AE23-F25927BA3FA4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_mini_5_01iaq7_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o53kt10a", + "matchCriteriaId": "610522F4-EBC6-4AE6-8ADD-9957C4024DF3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_mini_5_01iaq7:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC1CAD9B-61FC-4539-83A4-E2A1D411FCDD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_mini_5-01imh05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4ekt1ba", + "matchCriteriaId": "AC7187BD-243F-4F37-B021-302B93CDCB18" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_mini_5-01imh05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BA0D9123-A945-41C3-B0CC-B1CAAF65BB8F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:legion_t7-34imz5_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o5fkt17a", + "matchCriteriaId": "581E7EF0-FCE6-4663-81CF-FB739FD9B0C4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:legion_t7-34imz5:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AD2E4E8D-942A-45E8-A5C0-86C8E5B1C511" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m625q_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1wkt52a", + "matchCriteriaId": "E5AD7477-E87F-4EE4-AC47-6495AB4BF474" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m625q:-:*:*:*:*:*:*:*", + "matchCriteriaId": "438DA928-AC10-446F-8B56-24D46B8AEDF9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m630e_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5148F0B5-0A65-4A57-89B6-5EB0CE938A38" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m630e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D53FD4A8-8352-469D-8DAE-B904FDB9DA73" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2skt29a", + "matchCriteriaId": "1A4F8008-612C-4DE9-8B82-1F55D05F5B55" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E23D10CA-F552-4D26-B350-6F0526BCC53C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m920z_all-in-one_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1mkt56a", + "matchCriteriaId": "7C515F16-4DAA-4881-96F8-934F8941E4D3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m920z_all-in-one:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C4147105-8798-4CF4-8E7B-CB8429BCAA55" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m920x_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "EA5ABB10-241E-469F-B400-E68A43AA2F1F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m920x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9DDEC1BD-4511-4231-9502-A65FFFA35116" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m920t_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "0A4E408C-5277-4246-A0F5-CC6FE716FE95" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m920t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AA136174-6A29-4DD8-BF2F-BEC629ED216B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m920s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "BF338ABE-DF38-4C3D-9703-2E9D09AB3EA8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m920s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "86CEA502-29BC-4F04-AF51-53B8CE39D1DB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m920q_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "9E4113A0-AC90-48F2-9B95-A72184788DB8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m920q:-:*:*:*:*:*:*:*", + "matchCriteriaId": "18964E52-51F6-4C64-A471-A09FB2E7A4C1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m90t_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "ED0FDD5F-4198-483C-897F-F946416AB5E1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m90t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B52C1612-1479-4A98-8EF7-DB7BF44D7396" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m90s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "762E5F0E-FF2F-46D8-9B22-6EFA795505EB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m90s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "466521C7-6E6B-473D-B188-D5FCD83375DA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m90q_tiny_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2wkt5aa", + "matchCriteriaId": "3C0EBA22-766B-478B-AEEB-1CE145395B4E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m90q_tiny:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DBAC138A-7423-455F-B039-84C7D8AEE69A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m90a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2rkt57a", + "matchCriteriaId": "7B8F5EF2-16DA-40FC-BA37-72F99CD4DC6E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m90a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F78CB731-96A7-4EB5-B179-BD73490B95C9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m820z_all-in-one_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1nkt62a", + "matchCriteriaId": "11825508-9DD7-4E7E-9CA5-A0EBD073AE0C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m820z_all-in-one:-:*:*:*:*:*:*:*", + "matchCriteriaId": "87688EEF-3935-497A-8FD3-66AF4596BFF0" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m80t_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "11F5454C-0682-4082-8D4B-8B030022A386" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m80t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3DEDED31-3B1C-4289-8056-82606B246978" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m80s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "D9B7941A-2CA3-405C-A7C5-C3D8478B6EEC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m80s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9292E0CE-B3CC-44F6-8673-3FADFA37C3F6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m80q_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2wkt5aa", + "matchCriteriaId": "7E609775-8206-4F58-B7C3-05730DC4B699" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m80q:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6E4EF5F1-4552-4298-B847-568B70D2677E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m75t_gen_2_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F21FD7B9-9104-490F-86AC-E3B70EB62591" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m75t_gen_2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2102F1DF-7A45-4080-B52A-3D51028FE82A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m75s_gen_2_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B86C3BD3-6184-4875-9AEF-6325F2D047BA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m75s_gen_2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "04B34D9E-9504-4CEF-8056-01C6BAEAB8CF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m75q_gen_2_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m47kt30a", + "matchCriteriaId": "4E1C9AFE-231E-40AB-AAD7-380363BDE625" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m75q_gen_2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B02FFC22-94FE-483A-994A-645C699CAD5D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m75n_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m33kt27a", + "matchCriteriaId": "8034A246-7FEA-4F66-B52D-1E5EBE21E69E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m75n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8644D2E7-B6C7-4E0F-B8C4-37ADAEAEDC03" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m720t_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "5B08DD83-C12A-4AE5-B97C-39D9123FA6DC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m720t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CAC3DBF5-3CE2-48BE-82E2-F52A776E68E6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m720s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "CC778074-3CCB-4B6B-800D-E38CFA154DD8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m720s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3C245AA0-A5AA-4375-B781-23159D4F69B3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m720q_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "3644C44C-C8A2-4A0F-BA58-963751BAFC0E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m720q:-:*:*:*:*:*:*:*", + "matchCriteriaId": "90230B12-DF65-4D6B-90E0-65F523BA98CF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70t_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "33905836-A97A-4025-B7C1-D6A0C60ECB4E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "00CF1B6A-A36C-4035-B248-664B6DB3B4B4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "C380E026-CA09-4CF5-9D09-679D612FE983" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C3B56DE3-5438-4117-89B7-92F065959CAC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70q_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2wkt5aa", + "matchCriteriaId": "146E13B8-7C62-4A29-80F3-9E85B8012920" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70q:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8FC6E24C-E4DC-4773-A448-FBC56C47B9DA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70c_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2vkt21a", + "matchCriteriaId": "624B1338-27AD-4458-BE00-5BFB95EDA746" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "70407537-85BD-4672-B71F-59E4D731169E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50t-13iob_g2_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3gkt3da", + "matchCriteriaId": "C465DCCA-D769-4DE2-92F7-2943533547BD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50t-13iob_g2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E839B843-1748-4A0A-A0E3-F799794F85BE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v55t_gen_2_13acn_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o5jkt23a", + "matchCriteriaId": "B1460514-7282-4491-805C-F41359C3BF94" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v55t_gen_2_13acn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "ABBD7AD6-C762-4F5D-B995-2D18C23E21AE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50t-13imh_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m4pkt13a", + "matchCriteriaId": "4F796ABD-C150-458A-BF7D-5E8D611F946F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50t-13imh:-:*:*:*:*:*:*:*", + "matchCriteriaId": "32BC35F7-58B4-4881-9C20-D79A1CF1E955" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50t-13imb_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4hkt3ca", + "matchCriteriaId": "2D82B9E8-A1A0-46BE-896B-1043C8241807" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50t-13imb:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0EBA5749-B2A7-4BA3-B9AF-5507C0E6BEFD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50s-07imb_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2vkt21a", + "matchCriteriaId": "4F859DB9-8603-45F7-B289-72DD353F9FFC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50s-07imb:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D3A907A6-060C-45FE-8A9E-F297BBD4F80E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50a-24imb_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m36kt32a", + "matchCriteriaId": "1CB01D3D-0336-4959-93E0-3247A8983AD8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50a-24imb:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E4DBBA7C-5632-430E-8B44-46FC4D6D6D66" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50a-22imb_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m36kt32a", + "matchCriteriaId": "8930211A-E679-43B9-A9A5-2FCDC6B55FC3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50a-22imb:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E9A7D14D-C6AB-4951-A47D-D8AE79D8E32C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v30a-24iml_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m37kt31a", + "matchCriteriaId": "51834203-9156-45DD-929A-5D3F64E0BC5F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v30a-24iml:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6CC862A9-07AF-4110-8E11-DB41B25863A5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v30a-22iml_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m37kt31a", + "matchCriteriaId": "E4257F53-9D2B-4F80-B996-D37FFDF868FE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v30a-22iml:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A8CA790E-5003-48CF-BE48-4F631CE4FAAB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70c_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2vkt21a", + "matchCriteriaId": "624B1338-27AD-4458-BE00-5BFB95EDA746" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "70407537-85BD-4672-B71F-59E4D731169E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkedge_se30_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3fkt2da", + "matchCriteriaId": "6F2187DF-FD19-4036-8F46-1CCF33539DB5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkedge_se30:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4027F7E6-2E72-4530-8971-7FDA383ED87D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p920_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9A7F9E5D-8367-495C-806C-E07465735A0C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p920_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FC1F1D8F-CD7F-4957-9556-35B912DB4F9B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p720_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B445A5E3-7FB1-4920-9A6E-E074FCC10A4C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p720_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0A7E407C-7A05-4CE1-9B42-56B635245F56" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p520c_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5EEFE5BC-5E83-4056-A22B-737297FB291D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p520c_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "62FED917-5884-44EE-AE56-2B443C5B18B8" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p520_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4E12AEA4-2BB1-4EB0-9FD2-29237C30E7B5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p520_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D49B4738-AEFD-4E09-857A-0FB0D1698F69" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p360_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9F3DF4D1-B565-436E-AACD-46CE46D27E60" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p360_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "44859B5B-738F-444F-AA40-FFF62DFED9A8" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p360_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "s0ekt45a", + "matchCriteriaId": "9C74C0DB-5061-4BBA-8CAF-406CEE2840BC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p360_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "44859B5B-738F-444F-AA40-FFF62DFED9A8" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p350_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5A26F947-3187-482A-BFA7-85AF1EC83039" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p350_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "ECC390ED-7DA0-4022-84A9-586BC9BC3AF7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p348_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3kkt3ba", + "matchCriteriaId": "21675C07-5CC7-448C-82C1-888F882EC574" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p348_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "00A72988-AF0B-43B3-BF99-7C334C47CA63" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p340_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "s08kt55a", + "matchCriteriaId": "0EDD83EB-6D55-40D6-A58D-F2C8769F0C1A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p340_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "88439DB2-AF94-41AE-838A-B66B82A98790" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p340_tiny_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2wkt5aa", + "matchCriteriaId": "AAFD3CA1-2A1F-4FD8-859A-F75F7087CD9E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p340_tiny_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BAED0A02-2DE5-4DE4-AB0E-702198785924" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p330_workstation_2nd_gen_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1vkt72a", + "matchCriteriaId": "E427CA99-9A9C-4965-9674-665B77DB9AF0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p330_workstation_2nd_gen:-:*:*:*:*:*:*:*", + "matchCriteriaId": "025B6549-B85A-420E-AC12-64DE265196A7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p330_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1vkt72a", + "matchCriteriaId": "9214F8AE-74AD-4296-A3CE-D55C9BAEB331" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p330_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "94E2238E-8A45-4BE5-8D21-9DC5F991312D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p330_tiny_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "49610A74-2167-41A4-B57C-1DE57F0518A7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p330_tiny_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E1449EE6-FB7F-45D7-8106-787AEFA31200" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p320_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "s06kt64a", + "matchCriteriaId": "278A0F1E-87A1-4D08-B740-8A2DFA8488E0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p320_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9D97ED54-608E-459D-BEA7-83C8442EC60A" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.lenovo.com/us/en/product_security/LEN-141775", - "source": "psirt@lenovo.com" + "source": "psirt@lenovo.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-450xx/CVE-2023-45077.json b/CVE-2023/CVE-2023-450xx/CVE-2023-45077.json index 285438bd863..2223e6215f6 100644 --- a/CVE-2023/CVE-2023-450xx/CVE-2023-45077.json +++ b/CVE-2023/CVE-2023-450xx/CVE-2023-45077.json @@ -2,16 +2,40 @@ "id": "CVE-2023-45077", "sourceIdentifier": "psirt@lenovo.com", "published": "2023-11-08T23:15:11.250", - "lastModified": "2023-11-09T13:46:14.890", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T18:05:16.667", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A memory leakage vulnerability was reported in the 534D0740 DXE driver that may allow a local attacker with elevated privileges to write to NVRAM variables. " + }, + { + "lang": "es", + "value": "Se inform\u00f3 una vulnerabilidad de p\u00e9rdida de memoria en el controlador DXE 534D0740 que puede permitir que un atacante local con privilegios elevados escriba en variables NVRAM." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + }, { "source": "psirt@lenovo.com", "type": "Secondary", @@ -46,10 +70,1798 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_c5-14imb05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4hkt3ca", + "matchCriteriaId": "141B8675-12D8-47DD-BE9E-AD147ABA4555" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_c5-14imb05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "86FABE58-B9C6-4B31-B4DF-E009DBD5CED1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_3-07ada05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4fkt39a", + "matchCriteriaId": "ACFDD765-4CF5-4786-95DF-4107341A82C9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_3-07ada05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "ED1DFA0B-0259-4F37-87E8-A989043A2B57" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_3-07imb05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2vkt21a", + "matchCriteriaId": "D20C29CF-23C5-4F77-AEC4-065E4E3F40EF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_3-07imb05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BAA6805E-2896-4EBA-BCCE-832F44D94693" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_g5-14imb05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4hkt3ca", + "matchCriteriaId": "8FBF957B-7DE5-430A-AC97-CC9BA7283F3B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_g5-14imb05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "314A6AF0-F54C-4ECB-B498-8612BF660D24" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_5-14iob6_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3gkt3da", + "matchCriteriaId": "C18FF8F0-1EB5-4172-8414-167B3670EA49" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_5-14iob6:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CF6ED930-A8C3-45A2-A2E0-536E9F732B1F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_creator_5-14iob6_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3gkt3da", + "matchCriteriaId": "BD66E3E0-5BE0-4A35-8EB6-CA714C39DD94" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_creator_5-14iob6:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0AA1F367-AEDF-4379-A94F-2484B65FE5D5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_g5-14amr05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4zkt2ba", + "matchCriteriaId": "6490B55F-1513-48A5-A623-5860F14FB79A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_g5-14amr05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F683D6E7-0C4E-454D-B108-27442E33A17B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_g5-14imb05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4hkt3ca", + "matchCriteriaId": "8FBF957B-7DE5-430A-AC97-CC9BA7283F3B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_g5-14imb05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "314A6AF0-F54C-4ECB-B498-8612BF660D24" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_gaming_5-14iob6_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3gkt3da", + "matchCriteriaId": "6B07220E-5CF7-401C-B403-BB39EC3AA9F8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_gaming_5-14iob6:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4EF3A200-2D5B-45BB-AE23-F25927BA3FA4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_mini_5_01iaq7_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o53kt10a", + "matchCriteriaId": "610522F4-EBC6-4AE6-8ADD-9957C4024DF3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_mini_5_01iaq7:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC1CAD9B-61FC-4539-83A4-E2A1D411FCDD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_mini_5-01imh05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4ekt1ba", + "matchCriteriaId": "AC7187BD-243F-4F37-B021-302B93CDCB18" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_mini_5-01imh05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BA0D9123-A945-41C3-B0CC-B1CAAF65BB8F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:legion_t7-34imz5_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o5fkt17a", + "matchCriteriaId": "581E7EF0-FCE6-4663-81CF-FB739FD9B0C4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:legion_t7-34imz5:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AD2E4E8D-942A-45E8-A5C0-86C8E5B1C511" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m625q_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1wkt52a", + "matchCriteriaId": "E5AD7477-E87F-4EE4-AC47-6495AB4BF474" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m625q:-:*:*:*:*:*:*:*", + "matchCriteriaId": "438DA928-AC10-446F-8B56-24D46B8AEDF9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m630e_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5148F0B5-0A65-4A57-89B6-5EB0CE938A38" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m630e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D53FD4A8-8352-469D-8DAE-B904FDB9DA73" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2skt29a", + "matchCriteriaId": "1A4F8008-612C-4DE9-8B82-1F55D05F5B55" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E23D10CA-F552-4D26-B350-6F0526BCC53C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m920z_all-in-one_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1mkt56a", + "matchCriteriaId": "7C515F16-4DAA-4881-96F8-934F8941E4D3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m920z_all-in-one:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C4147105-8798-4CF4-8E7B-CB8429BCAA55" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m920x_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "EA5ABB10-241E-469F-B400-E68A43AA2F1F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m920x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9DDEC1BD-4511-4231-9502-A65FFFA35116" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m920t_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "0A4E408C-5277-4246-A0F5-CC6FE716FE95" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m920t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AA136174-6A29-4DD8-BF2F-BEC629ED216B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m920s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "BF338ABE-DF38-4C3D-9703-2E9D09AB3EA8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m920s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "86CEA502-29BC-4F04-AF51-53B8CE39D1DB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m920q_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "9E4113A0-AC90-48F2-9B95-A72184788DB8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m920q:-:*:*:*:*:*:*:*", + "matchCriteriaId": "18964E52-51F6-4C64-A471-A09FB2E7A4C1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m90t_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "ED0FDD5F-4198-483C-897F-F946416AB5E1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m90t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B52C1612-1479-4A98-8EF7-DB7BF44D7396" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m90s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "762E5F0E-FF2F-46D8-9B22-6EFA795505EB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m90s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "466521C7-6E6B-473D-B188-D5FCD83375DA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m90q_tiny_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2wkt5aa", + "matchCriteriaId": "3C0EBA22-766B-478B-AEEB-1CE145395B4E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m90q_tiny:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DBAC138A-7423-455F-B039-84C7D8AEE69A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m90a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2rkt57a", + "matchCriteriaId": "7B8F5EF2-16DA-40FC-BA37-72F99CD4DC6E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m90a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F78CB731-96A7-4EB5-B179-BD73490B95C9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m820z_all-in-one_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1nkt62a", + "matchCriteriaId": "11825508-9DD7-4E7E-9CA5-A0EBD073AE0C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m820z_all-in-one:-:*:*:*:*:*:*:*", + "matchCriteriaId": "87688EEF-3935-497A-8FD3-66AF4596BFF0" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m80t_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "11F5454C-0682-4082-8D4B-8B030022A386" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m80t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3DEDED31-3B1C-4289-8056-82606B246978" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m80s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "D9B7941A-2CA3-405C-A7C5-C3D8478B6EEC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m80s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9292E0CE-B3CC-44F6-8673-3FADFA37C3F6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m80q_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2wkt5aa", + "matchCriteriaId": "7E609775-8206-4F58-B7C3-05730DC4B699" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m80q:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6E4EF5F1-4552-4298-B847-568B70D2677E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m75t_gen_2_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F21FD7B9-9104-490F-86AC-E3B70EB62591" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m75t_gen_2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2102F1DF-7A45-4080-B52A-3D51028FE82A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m75s_gen_2_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B86C3BD3-6184-4875-9AEF-6325F2D047BA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m75s_gen_2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "04B34D9E-9504-4CEF-8056-01C6BAEAB8CF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m75q_gen_2_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m47kt30a", + "matchCriteriaId": "4E1C9AFE-231E-40AB-AAD7-380363BDE625" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m75q_gen_2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B02FFC22-94FE-483A-994A-645C699CAD5D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m75n_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m33kt27a", + "matchCriteriaId": "8034A246-7FEA-4F66-B52D-1E5EBE21E69E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m75n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8644D2E7-B6C7-4E0F-B8C4-37ADAEAEDC03" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m720t_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "5B08DD83-C12A-4AE5-B97C-39D9123FA6DC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m720t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CAC3DBF5-3CE2-48BE-82E2-F52A776E68E6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m720s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "CC778074-3CCB-4B6B-800D-E38CFA154DD8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m720s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3C245AA0-A5AA-4375-B781-23159D4F69B3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m720q_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "3644C44C-C8A2-4A0F-BA58-963751BAFC0E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m720q:-:*:*:*:*:*:*:*", + "matchCriteriaId": "90230B12-DF65-4D6B-90E0-65F523BA98CF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70t_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "33905836-A97A-4025-B7C1-D6A0C60ECB4E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "00CF1B6A-A36C-4035-B248-664B6DB3B4B4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "C380E026-CA09-4CF5-9D09-679D612FE983" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C3B56DE3-5438-4117-89B7-92F065959CAC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70q_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2wkt5aa", + "matchCriteriaId": "146E13B8-7C62-4A29-80F3-9E85B8012920" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70q:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8FC6E24C-E4DC-4773-A448-FBC56C47B9DA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70c_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2vkt21a", + "matchCriteriaId": "624B1338-27AD-4458-BE00-5BFB95EDA746" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "70407537-85BD-4672-B71F-59E4D731169E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50t-13iob_g2_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3gkt3da", + "matchCriteriaId": "C465DCCA-D769-4DE2-92F7-2943533547BD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50t-13iob_g2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E839B843-1748-4A0A-A0E3-F799794F85BE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v55t_gen_2_13acn_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o5jkt23a", + "matchCriteriaId": "B1460514-7282-4491-805C-F41359C3BF94" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v55t_gen_2_13acn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "ABBD7AD6-C762-4F5D-B995-2D18C23E21AE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50t-13imh_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m4pkt13a", + "matchCriteriaId": "4F796ABD-C150-458A-BF7D-5E8D611F946F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50t-13imh:-:*:*:*:*:*:*:*", + "matchCriteriaId": "32BC35F7-58B4-4881-9C20-D79A1CF1E955" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50t-13imb_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4hkt3ca", + "matchCriteriaId": "2D82B9E8-A1A0-46BE-896B-1043C8241807" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50t-13imb:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0EBA5749-B2A7-4BA3-B9AF-5507C0E6BEFD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50s-07imb_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2vkt21a", + "matchCriteriaId": "4F859DB9-8603-45F7-B289-72DD353F9FFC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50s-07imb:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D3A907A6-060C-45FE-8A9E-F297BBD4F80E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50a-24imb_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m36kt32a", + "matchCriteriaId": "1CB01D3D-0336-4959-93E0-3247A8983AD8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50a-24imb:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E4DBBA7C-5632-430E-8B44-46FC4D6D6D66" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50a-22imb_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m36kt32a", + "matchCriteriaId": "8930211A-E679-43B9-A9A5-2FCDC6B55FC3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50a-22imb:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E9A7D14D-C6AB-4951-A47D-D8AE79D8E32C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v30a-24iml_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m37kt31a", + "matchCriteriaId": "51834203-9156-45DD-929A-5D3F64E0BC5F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v30a-24iml:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6CC862A9-07AF-4110-8E11-DB41B25863A5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v30a-22iml_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m37kt31a", + "matchCriteriaId": "E4257F53-9D2B-4F80-B996-D37FFDF868FE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v30a-22iml:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A8CA790E-5003-48CF-BE48-4F631CE4FAAB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70c_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2vkt21a", + "matchCriteriaId": "624B1338-27AD-4458-BE00-5BFB95EDA746" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "70407537-85BD-4672-B71F-59E4D731169E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkedge_se30_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3fkt2da", + "matchCriteriaId": "6F2187DF-FD19-4036-8F46-1CCF33539DB5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkedge_se30:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4027F7E6-2E72-4530-8971-7FDA383ED87D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p920_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9A7F9E5D-8367-495C-806C-E07465735A0C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p920_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FC1F1D8F-CD7F-4957-9556-35B912DB4F9B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p720_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B445A5E3-7FB1-4920-9A6E-E074FCC10A4C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p720_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0A7E407C-7A05-4CE1-9B42-56B635245F56" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p520c_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5EEFE5BC-5E83-4056-A22B-737297FB291D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p520c_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "62FED917-5884-44EE-AE56-2B443C5B18B8" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p520_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4E12AEA4-2BB1-4EB0-9FD2-29237C30E7B5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p520_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D49B4738-AEFD-4E09-857A-0FB0D1698F69" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p360_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9F3DF4D1-B565-436E-AACD-46CE46D27E60" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p360_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "44859B5B-738F-444F-AA40-FFF62DFED9A8" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p360_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "s0ekt45a", + "matchCriteriaId": "9C74C0DB-5061-4BBA-8CAF-406CEE2840BC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p360_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "44859B5B-738F-444F-AA40-FFF62DFED9A8" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p350_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5A26F947-3187-482A-BFA7-85AF1EC83039" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p350_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "ECC390ED-7DA0-4022-84A9-586BC9BC3AF7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p348_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3kkt3ba", + "matchCriteriaId": "21675C07-5CC7-448C-82C1-888F882EC574" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p348_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "00A72988-AF0B-43B3-BF99-7C334C47CA63" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p340_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "s08kt55a", + "matchCriteriaId": "0EDD83EB-6D55-40D6-A58D-F2C8769F0C1A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p340_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "88439DB2-AF94-41AE-838A-B66B82A98790" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p340_tiny_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2wkt5aa", + "matchCriteriaId": "AAFD3CA1-2A1F-4FD8-859A-F75F7087CD9E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p340_tiny_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BAED0A02-2DE5-4DE4-AB0E-702198785924" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p330_workstation_2nd_gen_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1vkt72a", + "matchCriteriaId": "E427CA99-9A9C-4965-9674-665B77DB9AF0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p330_workstation_2nd_gen:-:*:*:*:*:*:*:*", + "matchCriteriaId": "025B6549-B85A-420E-AC12-64DE265196A7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p330_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1vkt72a", + "matchCriteriaId": "9214F8AE-74AD-4296-A3CE-D55C9BAEB331" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p330_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "94E2238E-8A45-4BE5-8D21-9DC5F991312D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p330_tiny_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "49610A74-2167-41A4-B57C-1DE57F0518A7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p330_tiny_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E1449EE6-FB7F-45D7-8106-787AEFA31200" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p320_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "s06kt64a", + "matchCriteriaId": "278A0F1E-87A1-4D08-B740-8A2DFA8488E0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p320_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9D97ED54-608E-459D-BEA7-83C8442EC60A" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.lenovo.com/us/en/product_security/LEN-141775", - "source": "psirt@lenovo.com" + "source": "psirt@lenovo.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-450xx/CVE-2023-45078.json b/CVE-2023/CVE-2023-450xx/CVE-2023-45078.json index 3dd6c6183b3..245a8d8a64d 100644 --- a/CVE-2023/CVE-2023-450xx/CVE-2023-45078.json +++ b/CVE-2023/CVE-2023-450xx/CVE-2023-45078.json @@ -2,16 +2,40 @@ "id": "CVE-2023-45078", "sourceIdentifier": "psirt@lenovo.com", "published": "2023-11-08T23:15:11.443", - "lastModified": "2023-11-09T13:46:14.890", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T18:04:56.023", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A memory leakage vulnerability was reported in the DustFilterAlertSmm SMM driver that may allow a local attacker with elevated privileges to write to NVRAM variables. " + }, + { + "lang": "es", + "value": "Se inform\u00f3 una vulnerabilidad de p\u00e9rdida de memoria en el controlador SMM DustFilterAlertSmm que puede permitir que un atacante local con privilegios elevados escriba en variables NVRAM." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + }, { "source": "psirt@lenovo.com", "type": "Secondary", @@ -46,10 +70,1798 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_c5-14imb05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4hkt3ca", + "matchCriteriaId": "141B8675-12D8-47DD-BE9E-AD147ABA4555" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_c5-14imb05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "86FABE58-B9C6-4B31-B4DF-E009DBD5CED1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_3-07ada05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4fkt39a", + "matchCriteriaId": "ACFDD765-4CF5-4786-95DF-4107341A82C9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_3-07ada05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "ED1DFA0B-0259-4F37-87E8-A989043A2B57" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_3-07imb05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2vkt21a", + "matchCriteriaId": "D20C29CF-23C5-4F77-AEC4-065E4E3F40EF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_3-07imb05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BAA6805E-2896-4EBA-BCCE-832F44D94693" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_g5-14imb05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4hkt3ca", + "matchCriteriaId": "8FBF957B-7DE5-430A-AC97-CC9BA7283F3B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_g5-14imb05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "314A6AF0-F54C-4ECB-B498-8612BF660D24" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_5-14iob6_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3gkt3da", + "matchCriteriaId": "C18FF8F0-1EB5-4172-8414-167B3670EA49" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_5-14iob6:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CF6ED930-A8C3-45A2-A2E0-536E9F732B1F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_creator_5-14iob6_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3gkt3da", + "matchCriteriaId": "BD66E3E0-5BE0-4A35-8EB6-CA714C39DD94" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_creator_5-14iob6:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0AA1F367-AEDF-4379-A94F-2484B65FE5D5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_g5-14amr05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4zkt2ba", + "matchCriteriaId": "6490B55F-1513-48A5-A623-5860F14FB79A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_g5-14amr05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F683D6E7-0C4E-454D-B108-27442E33A17B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_g5-14imb05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4hkt3ca", + "matchCriteriaId": "8FBF957B-7DE5-430A-AC97-CC9BA7283F3B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_g5-14imb05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "314A6AF0-F54C-4ECB-B498-8612BF660D24" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_gaming_5-14iob6_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3gkt3da", + "matchCriteriaId": "6B07220E-5CF7-401C-B403-BB39EC3AA9F8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_gaming_5-14iob6:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4EF3A200-2D5B-45BB-AE23-F25927BA3FA4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_mini_5_01iaq7_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o53kt10a", + "matchCriteriaId": "610522F4-EBC6-4AE6-8ADD-9957C4024DF3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_mini_5_01iaq7:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC1CAD9B-61FC-4539-83A4-E2A1D411FCDD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_mini_5-01imh05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4ekt1ba", + "matchCriteriaId": "AC7187BD-243F-4F37-B021-302B93CDCB18" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_mini_5-01imh05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BA0D9123-A945-41C3-B0CC-B1CAAF65BB8F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:legion_t7-34imz5_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o5fkt17a", + "matchCriteriaId": "581E7EF0-FCE6-4663-81CF-FB739FD9B0C4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:legion_t7-34imz5:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AD2E4E8D-942A-45E8-A5C0-86C8E5B1C511" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m625q_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1wkt52a", + "matchCriteriaId": "E5AD7477-E87F-4EE4-AC47-6495AB4BF474" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m625q:-:*:*:*:*:*:*:*", + "matchCriteriaId": "438DA928-AC10-446F-8B56-24D46B8AEDF9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m630e_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5148F0B5-0A65-4A57-89B6-5EB0CE938A38" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m630e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D53FD4A8-8352-469D-8DAE-B904FDB9DA73" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2skt29a", + "matchCriteriaId": "1A4F8008-612C-4DE9-8B82-1F55D05F5B55" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E23D10CA-F552-4D26-B350-6F0526BCC53C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m920z_all-in-one_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1mkt56a", + "matchCriteriaId": "7C515F16-4DAA-4881-96F8-934F8941E4D3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m920z_all-in-one:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C4147105-8798-4CF4-8E7B-CB8429BCAA55" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m920x_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "EA5ABB10-241E-469F-B400-E68A43AA2F1F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m920x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9DDEC1BD-4511-4231-9502-A65FFFA35116" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m920t_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "0A4E408C-5277-4246-A0F5-CC6FE716FE95" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m920t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AA136174-6A29-4DD8-BF2F-BEC629ED216B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m920s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "BF338ABE-DF38-4C3D-9703-2E9D09AB3EA8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m920s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "86CEA502-29BC-4F04-AF51-53B8CE39D1DB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m920q_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "9E4113A0-AC90-48F2-9B95-A72184788DB8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m920q:-:*:*:*:*:*:*:*", + "matchCriteriaId": "18964E52-51F6-4C64-A471-A09FB2E7A4C1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m90t_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "ED0FDD5F-4198-483C-897F-F946416AB5E1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m90t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B52C1612-1479-4A98-8EF7-DB7BF44D7396" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m90s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "762E5F0E-FF2F-46D8-9B22-6EFA795505EB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m90s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "466521C7-6E6B-473D-B188-D5FCD83375DA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m90q_tiny_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2wkt5aa", + "matchCriteriaId": "3C0EBA22-766B-478B-AEEB-1CE145395B4E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m90q_tiny:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DBAC138A-7423-455F-B039-84C7D8AEE69A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m90a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2rkt57a", + "matchCriteriaId": "7B8F5EF2-16DA-40FC-BA37-72F99CD4DC6E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m90a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F78CB731-96A7-4EB5-B179-BD73490B95C9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m820z_all-in-one_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1nkt62a", + "matchCriteriaId": "11825508-9DD7-4E7E-9CA5-A0EBD073AE0C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m820z_all-in-one:-:*:*:*:*:*:*:*", + "matchCriteriaId": "87688EEF-3935-497A-8FD3-66AF4596BFF0" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m80t_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "11F5454C-0682-4082-8D4B-8B030022A386" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m80t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3DEDED31-3B1C-4289-8056-82606B246978" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m80s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "D9B7941A-2CA3-405C-A7C5-C3D8478B6EEC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m80s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9292E0CE-B3CC-44F6-8673-3FADFA37C3F6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m80q_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2wkt5aa", + "matchCriteriaId": "7E609775-8206-4F58-B7C3-05730DC4B699" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m80q:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6E4EF5F1-4552-4298-B847-568B70D2677E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m75t_gen_2_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F21FD7B9-9104-490F-86AC-E3B70EB62591" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m75t_gen_2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2102F1DF-7A45-4080-B52A-3D51028FE82A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m75s_gen_2_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B86C3BD3-6184-4875-9AEF-6325F2D047BA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m75s_gen_2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "04B34D9E-9504-4CEF-8056-01C6BAEAB8CF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m75q_gen_2_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m47kt30a", + "matchCriteriaId": "4E1C9AFE-231E-40AB-AAD7-380363BDE625" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m75q_gen_2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B02FFC22-94FE-483A-994A-645C699CAD5D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m75n_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m33kt27a", + "matchCriteriaId": "8034A246-7FEA-4F66-B52D-1E5EBE21E69E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m75n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8644D2E7-B6C7-4E0F-B8C4-37ADAEAEDC03" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m720t_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "5B08DD83-C12A-4AE5-B97C-39D9123FA6DC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m720t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CAC3DBF5-3CE2-48BE-82E2-F52A776E68E6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m720s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "CC778074-3CCB-4B6B-800D-E38CFA154DD8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m720s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3C245AA0-A5AA-4375-B781-23159D4F69B3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m720q_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "3644C44C-C8A2-4A0F-BA58-963751BAFC0E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m720q:-:*:*:*:*:*:*:*", + "matchCriteriaId": "90230B12-DF65-4D6B-90E0-65F523BA98CF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70t_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "33905836-A97A-4025-B7C1-D6A0C60ECB4E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "00CF1B6A-A36C-4035-B248-664B6DB3B4B4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "C380E026-CA09-4CF5-9D09-679D612FE983" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C3B56DE3-5438-4117-89B7-92F065959CAC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70q_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2wkt5aa", + "matchCriteriaId": "146E13B8-7C62-4A29-80F3-9E85B8012920" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70q:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8FC6E24C-E4DC-4773-A448-FBC56C47B9DA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70c_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2vkt21a", + "matchCriteriaId": "624B1338-27AD-4458-BE00-5BFB95EDA746" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "70407537-85BD-4672-B71F-59E4D731169E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50t-13iob_g2_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3gkt3da", + "matchCriteriaId": "C465DCCA-D769-4DE2-92F7-2943533547BD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50t-13iob_g2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E839B843-1748-4A0A-A0E3-F799794F85BE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v55t_gen_2_13acn_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o5jkt23a", + "matchCriteriaId": "B1460514-7282-4491-805C-F41359C3BF94" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v55t_gen_2_13acn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "ABBD7AD6-C762-4F5D-B995-2D18C23E21AE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50t-13imh_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m4pkt13a", + "matchCriteriaId": "4F796ABD-C150-458A-BF7D-5E8D611F946F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50t-13imh:-:*:*:*:*:*:*:*", + "matchCriteriaId": "32BC35F7-58B4-4881-9C20-D79A1CF1E955" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50t-13imb_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4hkt3ca", + "matchCriteriaId": "2D82B9E8-A1A0-46BE-896B-1043C8241807" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50t-13imb:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0EBA5749-B2A7-4BA3-B9AF-5507C0E6BEFD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50s-07imb_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2vkt21a", + "matchCriteriaId": "4F859DB9-8603-45F7-B289-72DD353F9FFC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50s-07imb:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D3A907A6-060C-45FE-8A9E-F297BBD4F80E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50a-24imb_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m36kt32a", + "matchCriteriaId": "1CB01D3D-0336-4959-93E0-3247A8983AD8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50a-24imb:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E4DBBA7C-5632-430E-8B44-46FC4D6D6D66" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50a-22imb_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m36kt32a", + "matchCriteriaId": "8930211A-E679-43B9-A9A5-2FCDC6B55FC3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50a-22imb:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E9A7D14D-C6AB-4951-A47D-D8AE79D8E32C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v30a-24iml_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m37kt31a", + "matchCriteriaId": "51834203-9156-45DD-929A-5D3F64E0BC5F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v30a-24iml:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6CC862A9-07AF-4110-8E11-DB41B25863A5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v30a-22iml_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m37kt31a", + "matchCriteriaId": "E4257F53-9D2B-4F80-B996-D37FFDF868FE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v30a-22iml:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A8CA790E-5003-48CF-BE48-4F631CE4FAAB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70c_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2vkt21a", + "matchCriteriaId": "624B1338-27AD-4458-BE00-5BFB95EDA746" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "70407537-85BD-4672-B71F-59E4D731169E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkedge_se30_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3fkt2da", + "matchCriteriaId": "6F2187DF-FD19-4036-8F46-1CCF33539DB5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkedge_se30:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4027F7E6-2E72-4530-8971-7FDA383ED87D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p920_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9A7F9E5D-8367-495C-806C-E07465735A0C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p920_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FC1F1D8F-CD7F-4957-9556-35B912DB4F9B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p720_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B445A5E3-7FB1-4920-9A6E-E074FCC10A4C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p720_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0A7E407C-7A05-4CE1-9B42-56B635245F56" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p520c_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5EEFE5BC-5E83-4056-A22B-737297FB291D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p520c_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "62FED917-5884-44EE-AE56-2B443C5B18B8" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p520_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4E12AEA4-2BB1-4EB0-9FD2-29237C30E7B5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p520_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D49B4738-AEFD-4E09-857A-0FB0D1698F69" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p360_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9F3DF4D1-B565-436E-AACD-46CE46D27E60" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p360_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "44859B5B-738F-444F-AA40-FFF62DFED9A8" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p360_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "s0ekt45a", + "matchCriteriaId": "9C74C0DB-5061-4BBA-8CAF-406CEE2840BC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p360_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "44859B5B-738F-444F-AA40-FFF62DFED9A8" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p350_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5A26F947-3187-482A-BFA7-85AF1EC83039" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p350_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "ECC390ED-7DA0-4022-84A9-586BC9BC3AF7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p348_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3kkt3ba", + "matchCriteriaId": "21675C07-5CC7-448C-82C1-888F882EC574" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p348_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "00A72988-AF0B-43B3-BF99-7C334C47CA63" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p340_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "s08kt55a", + "matchCriteriaId": "0EDD83EB-6D55-40D6-A58D-F2C8769F0C1A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p340_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "88439DB2-AF94-41AE-838A-B66B82A98790" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p340_tiny_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2wkt5aa", + "matchCriteriaId": "AAFD3CA1-2A1F-4FD8-859A-F75F7087CD9E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p340_tiny_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BAED0A02-2DE5-4DE4-AB0E-702198785924" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p330_workstation_2nd_gen_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1vkt72a", + "matchCriteriaId": "E427CA99-9A9C-4965-9674-665B77DB9AF0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p330_workstation_2nd_gen:-:*:*:*:*:*:*:*", + "matchCriteriaId": "025B6549-B85A-420E-AC12-64DE265196A7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p330_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1vkt72a", + "matchCriteriaId": "9214F8AE-74AD-4296-A3CE-D55C9BAEB331" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p330_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "94E2238E-8A45-4BE5-8D21-9DC5F991312D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p330_tiny_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "49610A74-2167-41A4-B57C-1DE57F0518A7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p330_tiny_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E1449EE6-FB7F-45D7-8106-787AEFA31200" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p320_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "s06kt64a", + "matchCriteriaId": "278A0F1E-87A1-4D08-B740-8A2DFA8488E0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p320_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9D97ED54-608E-459D-BEA7-83C8442EC60A" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.lenovo.com/us/en/product_security/LEN-141775", - "source": "psirt@lenovo.com" + "source": "psirt@lenovo.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-450xx/CVE-2023-45079.json b/CVE-2023/CVE-2023-450xx/CVE-2023-45079.json index 4601767bcb9..bfe478e632f 100644 --- a/CVE-2023/CVE-2023-450xx/CVE-2023-45079.json +++ b/CVE-2023/CVE-2023-450xx/CVE-2023-45079.json @@ -2,16 +2,40 @@ "id": "CVE-2023-45079", "sourceIdentifier": "psirt@lenovo.com", "published": "2023-11-08T23:15:11.617", - "lastModified": "2023-11-09T13:46:14.890", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:48:36.670", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A memory leakage vulnerability was reported in the NvmramSmm SMM driver that may allow a local attacker with elevated privileges to write to NVRAM variables. \n\n" + }, + { + "lang": "es", + "value": "Se inform\u00f3 una vulnerabilidad de p\u00e9rdida de memoria en el controlador SMM NvmramSmm que puede permitir que un atacante local con privilegios elevados escriba en variables NVRAM." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + }, { "source": "psirt@lenovo.com", "type": "Secondary", @@ -46,10 +70,1798 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_c5-14imb05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4hkt3ca", + "matchCriteriaId": "141B8675-12D8-47DD-BE9E-AD147ABA4555" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_c5-14imb05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "86FABE58-B9C6-4B31-B4DF-E009DBD5CED1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_3-07ada05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4fkt39a", + "matchCriteriaId": "ACFDD765-4CF5-4786-95DF-4107341A82C9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_3-07ada05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "ED1DFA0B-0259-4F37-87E8-A989043A2B57" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_3-07imb05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2vkt21a", + "matchCriteriaId": "D20C29CF-23C5-4F77-AEC4-065E4E3F40EF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_3-07imb05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BAA6805E-2896-4EBA-BCCE-832F44D94693" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_g5-14imb05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4hkt3ca", + "matchCriteriaId": "8FBF957B-7DE5-430A-AC97-CC9BA7283F3B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_g5-14imb05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "314A6AF0-F54C-4ECB-B498-8612BF660D24" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_5-14iob6_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3gkt3da", + "matchCriteriaId": "C18FF8F0-1EB5-4172-8414-167B3670EA49" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_5-14iob6:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CF6ED930-A8C3-45A2-A2E0-536E9F732B1F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_creator_5-14iob6_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3gkt3da", + "matchCriteriaId": "BD66E3E0-5BE0-4A35-8EB6-CA714C39DD94" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_creator_5-14iob6:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0AA1F367-AEDF-4379-A94F-2484B65FE5D5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_g5-14amr05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4zkt2ba", + "matchCriteriaId": "6490B55F-1513-48A5-A623-5860F14FB79A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_g5-14amr05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F683D6E7-0C4E-454D-B108-27442E33A17B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_g5-14imb05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4hkt3ca", + "matchCriteriaId": "8FBF957B-7DE5-430A-AC97-CC9BA7283F3B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_g5-14imb05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "314A6AF0-F54C-4ECB-B498-8612BF660D24" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_gaming_5-14iob6_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3gkt3da", + "matchCriteriaId": "6B07220E-5CF7-401C-B403-BB39EC3AA9F8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_gaming_5-14iob6:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4EF3A200-2D5B-45BB-AE23-F25927BA3FA4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_mini_5_01iaq7_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o53kt10a", + "matchCriteriaId": "610522F4-EBC6-4AE6-8ADD-9957C4024DF3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_mini_5_01iaq7:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC1CAD9B-61FC-4539-83A4-E2A1D411FCDD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideacentre_mini_5-01imh05_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4ekt1ba", + "matchCriteriaId": "AC7187BD-243F-4F37-B021-302B93CDCB18" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideacentre_mini_5-01imh05:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BA0D9123-A945-41C3-B0CC-B1CAAF65BB8F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:legion_t7-34imz5_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o5fkt17a", + "matchCriteriaId": "581E7EF0-FCE6-4663-81CF-FB739FD9B0C4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:legion_t7-34imz5:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AD2E4E8D-942A-45E8-A5C0-86C8E5B1C511" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m625q_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1wkt52a", + "matchCriteriaId": "E5AD7477-E87F-4EE4-AC47-6495AB4BF474" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m625q:-:*:*:*:*:*:*:*", + "matchCriteriaId": "438DA928-AC10-446F-8B56-24D46B8AEDF9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m630e_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5148F0B5-0A65-4A57-89B6-5EB0CE938A38" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m630e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D53FD4A8-8352-469D-8DAE-B904FDB9DA73" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2skt29a", + "matchCriteriaId": "1A4F8008-612C-4DE9-8B82-1F55D05F5B55" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E23D10CA-F552-4D26-B350-6F0526BCC53C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m920z_all-in-one_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1mkt56a", + "matchCriteriaId": "7C515F16-4DAA-4881-96F8-934F8941E4D3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m920z_all-in-one:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C4147105-8798-4CF4-8E7B-CB8429BCAA55" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m920x_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "EA5ABB10-241E-469F-B400-E68A43AA2F1F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m920x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9DDEC1BD-4511-4231-9502-A65FFFA35116" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m920t_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "0A4E408C-5277-4246-A0F5-CC6FE716FE95" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m920t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AA136174-6A29-4DD8-BF2F-BEC629ED216B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m920s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "BF338ABE-DF38-4C3D-9703-2E9D09AB3EA8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m920s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "86CEA502-29BC-4F04-AF51-53B8CE39D1DB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m920q_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "9E4113A0-AC90-48F2-9B95-A72184788DB8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m920q:-:*:*:*:*:*:*:*", + "matchCriteriaId": "18964E52-51F6-4C64-A471-A09FB2E7A4C1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m90t_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "ED0FDD5F-4198-483C-897F-F946416AB5E1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m90t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B52C1612-1479-4A98-8EF7-DB7BF44D7396" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m90s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "762E5F0E-FF2F-46D8-9B22-6EFA795505EB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m90s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "466521C7-6E6B-473D-B188-D5FCD83375DA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m90q_tiny_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2wkt5aa", + "matchCriteriaId": "3C0EBA22-766B-478B-AEEB-1CE145395B4E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m90q_tiny:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DBAC138A-7423-455F-B039-84C7D8AEE69A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m90a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2rkt57a", + "matchCriteriaId": "7B8F5EF2-16DA-40FC-BA37-72F99CD4DC6E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m90a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F78CB731-96A7-4EB5-B179-BD73490B95C9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m820z_all-in-one_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1nkt62a", + "matchCriteriaId": "11825508-9DD7-4E7E-9CA5-A0EBD073AE0C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m820z_all-in-one:-:*:*:*:*:*:*:*", + "matchCriteriaId": "87688EEF-3935-497A-8FD3-66AF4596BFF0" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m80t_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "11F5454C-0682-4082-8D4B-8B030022A386" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m80t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3DEDED31-3B1C-4289-8056-82606B246978" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m80s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "D9B7941A-2CA3-405C-A7C5-C3D8478B6EEC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m80s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9292E0CE-B3CC-44F6-8673-3FADFA37C3F6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m80q_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2wkt5aa", + "matchCriteriaId": "7E609775-8206-4F58-B7C3-05730DC4B699" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m80q:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6E4EF5F1-4552-4298-B847-568B70D2677E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m75t_gen_2_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F21FD7B9-9104-490F-86AC-E3B70EB62591" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m75t_gen_2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2102F1DF-7A45-4080-B52A-3D51028FE82A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m75s_gen_2_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B86C3BD3-6184-4875-9AEF-6325F2D047BA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m75s_gen_2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "04B34D9E-9504-4CEF-8056-01C6BAEAB8CF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m75q_gen_2_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m47kt30a", + "matchCriteriaId": "4E1C9AFE-231E-40AB-AAD7-380363BDE625" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m75q_gen_2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B02FFC22-94FE-483A-994A-645C699CAD5D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m75n_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m33kt27a", + "matchCriteriaId": "8034A246-7FEA-4F66-B52D-1E5EBE21E69E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m75n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8644D2E7-B6C7-4E0F-B8C4-37ADAEAEDC03" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m720t_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "5B08DD83-C12A-4AE5-B97C-39D9123FA6DC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m720t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CAC3DBF5-3CE2-48BE-82E2-F52A776E68E6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m720s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "CC778074-3CCB-4B6B-800D-E38CFA154DD8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m720s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3C245AA0-A5AA-4375-B781-23159D4F69B3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m720q_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "3644C44C-C8A2-4A0F-BA58-963751BAFC0E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m720q:-:*:*:*:*:*:*:*", + "matchCriteriaId": "90230B12-DF65-4D6B-90E0-65F523BA98CF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70t_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "33905836-A97A-4025-B7C1-D6A0C60ECB4E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "00CF1B6A-A36C-4035-B248-664B6DB3B4B4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2tkt55a", + "matchCriteriaId": "C380E026-CA09-4CF5-9D09-679D612FE983" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C3B56DE3-5438-4117-89B7-92F065959CAC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70q_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2wkt5aa", + "matchCriteriaId": "146E13B8-7C62-4A29-80F3-9E85B8012920" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70q:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8FC6E24C-E4DC-4773-A448-FBC56C47B9DA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70c_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2vkt21a", + "matchCriteriaId": "624B1338-27AD-4458-BE00-5BFB95EDA746" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "70407537-85BD-4672-B71F-59E4D731169E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50t-13iob_g2_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3gkt3da", + "matchCriteriaId": "C465DCCA-D769-4DE2-92F7-2943533547BD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50t-13iob_g2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E839B843-1748-4A0A-A0E3-F799794F85BE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v55t_gen_2_13acn_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o5jkt23a", + "matchCriteriaId": "B1460514-7282-4491-805C-F41359C3BF94" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v55t_gen_2_13acn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "ABBD7AD6-C762-4F5D-B995-2D18C23E21AE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50t-13imh_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m4pkt13a", + "matchCriteriaId": "4F796ABD-C150-458A-BF7D-5E8D611F946F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50t-13imh:-:*:*:*:*:*:*:*", + "matchCriteriaId": "32BC35F7-58B4-4881-9C20-D79A1CF1E955" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50t-13imb_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "o4hkt3ca", + "matchCriteriaId": "2D82B9E8-A1A0-46BE-896B-1043C8241807" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50t-13imb:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0EBA5749-B2A7-4BA3-B9AF-5507C0E6BEFD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50s-07imb_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2vkt21a", + "matchCriteriaId": "4F859DB9-8603-45F7-B289-72DD353F9FFC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50s-07imb:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D3A907A6-060C-45FE-8A9E-F297BBD4F80E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50a-24imb_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m36kt32a", + "matchCriteriaId": "1CB01D3D-0336-4959-93E0-3247A8983AD8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50a-24imb:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E4DBBA7C-5632-430E-8B44-46FC4D6D6D66" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v50a-22imb_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m36kt32a", + "matchCriteriaId": "8930211A-E679-43B9-A9A5-2FCDC6B55FC3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v50a-22imb:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E9A7D14D-C6AB-4951-A47D-D8AE79D8E32C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v30a-24iml_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m37kt31a", + "matchCriteriaId": "51834203-9156-45DD-929A-5D3F64E0BC5F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v30a-24iml:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6CC862A9-07AF-4110-8E11-DB41B25863A5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:v30a-22iml_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m37kt31a", + "matchCriteriaId": "E4257F53-9D2B-4F80-B996-D37FFDF868FE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:v30a-22iml:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A8CA790E-5003-48CF-BE48-4F631CE4FAAB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkcentre_m70c_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2vkt21a", + "matchCriteriaId": "624B1338-27AD-4458-BE00-5BFB95EDA746" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkcentre_m70c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "70407537-85BD-4672-B71F-59E4D731169E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkedge_se30_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3fkt2da", + "matchCriteriaId": "6F2187DF-FD19-4036-8F46-1CCF33539DB5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkedge_se30:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4027F7E6-2E72-4530-8971-7FDA383ED87D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p920_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9A7F9E5D-8367-495C-806C-E07465735A0C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p920_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FC1F1D8F-CD7F-4957-9556-35B912DB4F9B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p720_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B445A5E3-7FB1-4920-9A6E-E074FCC10A4C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p720_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0A7E407C-7A05-4CE1-9B42-56B635245F56" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p520c_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5EEFE5BC-5E83-4056-A22B-737297FB291D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p520c_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "62FED917-5884-44EE-AE56-2B443C5B18B8" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p520_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4E12AEA4-2BB1-4EB0-9FD2-29237C30E7B5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p520_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D49B4738-AEFD-4E09-857A-0FB0D1698F69" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p360_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9F3DF4D1-B565-436E-AACD-46CE46D27E60" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p360_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "44859B5B-738F-444F-AA40-FFF62DFED9A8" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p360_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "s0ekt45a", + "matchCriteriaId": "9C74C0DB-5061-4BBA-8CAF-406CEE2840BC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p360_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "44859B5B-738F-444F-AA40-FFF62DFED9A8" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p350_workstation_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5A26F947-3187-482A-BFA7-85AF1EC83039" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p350_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "ECC390ED-7DA0-4022-84A9-586BC9BC3AF7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p348_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m3kkt3ba", + "matchCriteriaId": "21675C07-5CC7-448C-82C1-888F882EC574" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p348_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "00A72988-AF0B-43B3-BF99-7C334C47CA63" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p340_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "s08kt55a", + "matchCriteriaId": "0EDD83EB-6D55-40D6-A58D-F2C8769F0C1A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p340_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "88439DB2-AF94-41AE-838A-B66B82A98790" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p340_tiny_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m2wkt5aa", + "matchCriteriaId": "AAFD3CA1-2A1F-4FD8-859A-F75F7087CD9E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p340_tiny_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BAED0A02-2DE5-4DE4-AB0E-702198785924" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p330_workstation_2nd_gen_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1vkt72a", + "matchCriteriaId": "E427CA99-9A9C-4965-9674-665B77DB9AF0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p330_workstation_2nd_gen:-:*:*:*:*:*:*:*", + "matchCriteriaId": "025B6549-B85A-420E-AC12-64DE265196A7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p330_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1vkt72a", + "matchCriteriaId": "9214F8AE-74AD-4296-A3CE-D55C9BAEB331" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p330_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "94E2238E-8A45-4BE5-8D21-9DC5F991312D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p330_tiny_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "m1ukt72a", + "matchCriteriaId": "49610A74-2167-41A4-B57C-1DE57F0518A7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p330_tiny_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E1449EE6-FB7F-45D7-8106-787AEFA31200" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkstation_p320_workstation_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "s06kt64a", + "matchCriteriaId": "278A0F1E-87A1-4D08-B740-8A2DFA8488E0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkstation_p320_workstation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9D97ED54-608E-459D-BEA7-83C8442EC60A" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.lenovo.com/us/en/product_security/LEN-141775", - "source": "psirt@lenovo.com" + "source": "psirt@lenovo.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-451xx/CVE-2023-45140.json b/CVE-2023/CVE-2023-451xx/CVE-2023-45140.json index 629bd3840a8..82ad9b744e7 100644 --- a/CVE-2023/CVE-2023-451xx/CVE-2023-45140.json +++ b/CVE-2023/CVE-2023-451xx/CVE-2023-45140.json @@ -2,16 +2,40 @@ "id": "CVE-2023-45140", "sourceIdentifier": "security-advisories@github.com", "published": "2023-11-08T16:15:09.800", - "lastModified": "2023-11-08T17:25:02.317", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T18:50:42.010", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Bastion provides authentication, authorization, traceability and auditability for SSH accesses. SCP and SFTP plugins don't honor group-based JIT MFA. Establishing a SCP/SFTP connection through The Bastion via a group access where MFA is enforced does not ask for additional factor. This abnormal behavior only applies to per-group-based JIT MFA. Other MFA setup types, such as Immediate MFA, JIT MFA on a per-plugin basis and JIT MFA on a per-account basis are not affected. This issue has been patched in version 3.14.15." + }, + { + "lang": "es", + "value": "The Bastion proporciona autenticaci\u00f3n, autorizaci\u00f3n, trazabilidad y auditabilidad para accesos SSH. Los complementos SCP y SFTP no respetan JIT MFA basado en grupos. Establecer una conexi\u00f3n SCP/SFTP a trav\u00e9s de The Bastion por medio de un acceso grupal donde se aplica MFA no requiere ning\u00fan factor adicional. Este comportamiento anormal solo se aplica a JIT MFA por grupo. Otros tipos de configuraci\u00f3n de MFA, como Immediate MFA, JIT MFA por complemento y JIT MFA por cuenta, no se ven afectados. Este problema se solucion\u00f3 en la versi\u00f3n 3.14.15." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.1, + "impactScore": 2.5 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,14 +70,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ovh:the-bastion:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.14.15", + "matchCriteriaId": "A4A16733-F993-429F-B56C-6161B82D25C3" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/ovh/the-bastion/releases/tag/v3.14.15", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/ovh/the-bastion/security/advisories/GHSA-pr4q-w883-pf5x", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Mitigation", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-458xx/CVE-2023-45857.json b/CVE-2023/CVE-2023-458xx/CVE-2023-45857.json index 6b38b7f41b6..93fd993c7cf 100644 --- a/CVE-2023/CVE-2023-458xx/CVE-2023-45857.json +++ b/CVE-2023/CVE-2023-458xx/CVE-2023-45857.json @@ -2,19 +2,79 @@ "id": "CVE-2023-45857", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-08T21:15:08.550", - "lastModified": "2023-11-09T13:46:19.893", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:35:34.107", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue discovered in Axios 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information." + }, + { + "lang": "es", + "value": "Un problema descubierto en Axios 1.5.1 revela inadvertidamente el XSRF-TOKEN confidencial almacenado en las cookies al incluirlo en el encabezado HTTP X-XSRF-TOKEN para cada solicitud realizada a cualquier host, lo que permite a los atacantes ver informaci\u00f3n sensible." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:axios:axios:1.5.1:*:*:*:*:node.js:*:*", + "matchCriteriaId": "28179B3F-4DC0-416C-BC68-2678D3DF2313" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/axios/axios/issues/6006", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-458xx/CVE-2023-45875.json b/CVE-2023/CVE-2023-458xx/CVE-2023-45875.json index e139cb7ca20..37490ee6303 100644 --- a/CVE-2023/CVE-2023-458xx/CVE-2023-45875.json +++ b/CVE-2023/CVE-2023-458xx/CVE-2023-45875.json @@ -2,27 +2,92 @@ "id": "CVE-2023-45875", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-08T21:15:08.587", - "lastModified": "2023-11-09T13:46:19.893", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:35:03.380", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in Couchbase Server 7.2.0. There is a private key leak in debug.log while adding a pre-7.0 node to a 7.2 cluster." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Couchbase Server 7.2.0. Hay una fuga de clave privada en debug.log al agregar un nodo anterior a 7.0 a un cl\u00faster 7.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:couchbase:couchbase_server:7.2.0:*:*:*:*:*:*:*", + "matchCriteriaId": "FBF7BB41-6DE4-45D5-81FE-A3CC055853F1" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://docs.couchbase.com/server/current/release-notes/relnotes.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://forums.couchbase.com/tags/security", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.couchbase.com/alerts/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-460xx/CVE-2023-46014.json b/CVE-2023/CVE-2023-460xx/CVE-2023-46014.json index 9f4ad1e024c..6558cb25ab8 100644 --- a/CVE-2023/CVE-2023-460xx/CVE-2023-46014.json +++ b/CVE-2023/CVE-2023-460xx/CVE-2023-46014.json @@ -2,8 +2,8 @@ "id": "CVE-2023-46014", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-13T22:15:07.487", - "lastModified": "2023-11-14T15:15:58.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:32:08.327", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,67 @@ "value": "Vulnerabilidad de inyecci\u00f3n SQL en hospitalLogin.php en Code-Projects Blood Bank 1.0 permite a atacantes ejecutar comandos SQL arbitrarios a trav\u00e9s de los par\u00e1metros 'hemail' y 'hpassword'." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:code-projects:blood_bank:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46469A77-975B-4572-9311-910A97F6E607" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/ersinerenler/CVE-2023-46014-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-460xx/CVE-2023-46015.json b/CVE-2023/CVE-2023-460xx/CVE-2023-46015.json index 4dd4a522404..19770c34c3c 100644 --- a/CVE-2023/CVE-2023-460xx/CVE-2023-46015.json +++ b/CVE-2023/CVE-2023-460xx/CVE-2023-46015.json @@ -2,8 +2,8 @@ "id": "CVE-2023-46015", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-13T22:15:07.537", - "lastModified": "2023-11-14T15:15:58.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:31:55.777", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,67 @@ "value": "Vulnerabilidad de Cross Site Scripting (XSS) en index.php en Code-Projects Blood Bank 1.0 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro 'msg' en la URL de la aplicaci\u00f3n." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:code-projects:blood_bank:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46469A77-975B-4572-9311-910A97F6E607" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/ersinerenler/CVE-2023-46015-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-460xx/CVE-2023-46016.json b/CVE-2023/CVE-2023-460xx/CVE-2023-46016.json index 42aa8897294..87b5259796e 100644 --- a/CVE-2023/CVE-2023-460xx/CVE-2023-46016.json +++ b/CVE-2023/CVE-2023-460xx/CVE-2023-46016.json @@ -2,8 +2,8 @@ "id": "CVE-2023-46016", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-13T22:15:07.587", - "lastModified": "2023-11-14T15:15:58.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:31:46.947", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,67 @@ "value": "Cross Site Scripting (XSS) en abs.php en Code-Projects Blood Bank 1.0 permite a los atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro 'search' en la URL de la aplicaci\u00f3n." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:code-projects:blood_bank:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46469A77-975B-4572-9311-910A97F6E607" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/ersinerenler/CVE-2023-46016-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-460xx/CVE-2023-46017.json b/CVE-2023/CVE-2023-460xx/CVE-2023-46017.json index 600a2fc35ed..c6591de4653 100644 --- a/CVE-2023/CVE-2023-460xx/CVE-2023-46017.json +++ b/CVE-2023/CVE-2023-460xx/CVE-2023-46017.json @@ -2,8 +2,8 @@ "id": "CVE-2023-46017", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-13T22:15:07.640", - "lastModified": "2023-11-14T15:15:58.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:31:15.000", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,67 @@ "value": "Vulnerabilidad de inyecci\u00f3n SQL en ReceiverLogin.php en Code-Projects Blood Bank 1.0 permite a atacantes ejecutar comandos SQL arbitrarios a trav\u00e9s de los par\u00e1metros 'remail' y 'rpassword'." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:code-projects:blood_bank:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46469A77-975B-4572-9311-910A97F6E607" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/ersinerenler/CVE-2023-46017-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-460xx/CVE-2023-46018.json b/CVE-2023/CVE-2023-460xx/CVE-2023-46018.json index 5253a12d558..ba0d576c704 100644 --- a/CVE-2023/CVE-2023-460xx/CVE-2023-46018.json +++ b/CVE-2023/CVE-2023-460xx/CVE-2023-46018.json @@ -2,8 +2,8 @@ "id": "CVE-2023-46018", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-13T22:15:07.690", - "lastModified": "2023-11-14T15:15:58.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:31:02.890", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,67 @@ "value": "Vulnerabilidad de inyecci\u00f3n SQL en ReceiverReg.php en Code-Projects Blood Bank 1.0 permite a atacantes ejecutar comandos SQL arbitrarios a trav\u00e9s del par\u00e1metro 'remail'." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:code-projects:blood_bank:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46469A77-975B-4572-9311-910A97F6E607" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/ersinerenler/CVE-2023-46018-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-460xx/CVE-2023-46019.json b/CVE-2023/CVE-2023-460xx/CVE-2023-46019.json index 8f8431944ce..e95fb22f8e9 100644 --- a/CVE-2023/CVE-2023-460xx/CVE-2023-46019.json +++ b/CVE-2023/CVE-2023-460xx/CVE-2023-46019.json @@ -2,8 +2,8 @@ "id": "CVE-2023-46019", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-13T23:15:07.840", - "lastModified": "2023-11-14T15:15:58.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:32:14.770", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,67 @@ "value": "Vulnerabilidad de Cross Site Scripting (XSS) en abs.php en Code-Projects Blood Bank 1.0 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro 'error'." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:code-projects:blood_bank:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46469A77-975B-4572-9311-910A97F6E607" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/ersinerenler/CVE-2023-46019-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-460xx/CVE-2023-46020.json b/CVE-2023/CVE-2023-460xx/CVE-2023-46020.json index 5cafa00c73f..d79991af194 100644 --- a/CVE-2023/CVE-2023-460xx/CVE-2023-46020.json +++ b/CVE-2023/CVE-2023-460xx/CVE-2023-46020.json @@ -2,8 +2,8 @@ "id": "CVE-2023-46020", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-13T23:15:07.893", - "lastModified": "2023-11-14T15:15:58.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:32:22.337", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,67 @@ "value": "Cross Site Scripting (XSS) en updateprofile.php en Code-Projects Blood Bank 1.0 permite a los atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de los par\u00e1metros 'rename', 'remail', 'rphone' y 'rcity'." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:code-projects:blood_bank:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46469A77-975B-4572-9311-910A97F6E607" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/ersinerenler/CVE-2023-46020-Code-Projects-Blood-Bank-1.0-Stored-Cross-Site-Scripting-Vulnerability", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-460xx/CVE-2023-46021.json b/CVE-2023/CVE-2023-460xx/CVE-2023-46021.json index 936d9388125..991d5bc4f84 100644 --- a/CVE-2023/CVE-2023-460xx/CVE-2023-46021.json +++ b/CVE-2023/CVE-2023-460xx/CVE-2023-46021.json @@ -2,8 +2,8 @@ "id": "CVE-2023-46021", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-13T23:15:07.950", - "lastModified": "2023-11-14T15:15:58.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:32:31.800", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,67 @@ "value": "Vulnerabilidad de inyecci\u00f3n SQL en cancel.php en Code-Projects Blood Bank 1.0 permite a atacantes ejecutar comandos arbitrarios a trav\u00e9s del par\u00e1metro 'reqid'." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:code-projects:blood_bank:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46469A77-975B-4572-9311-910A97F6E607" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/ersinerenler/CVE-2023-46021-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-462xx/CVE-2023-46201.json b/CVE-2023/CVE-2023-462xx/CVE-2023-46201.json index 16a66d765a1..e9e7208e4d6 100644 --- a/CVE-2023/CVE-2023-462xx/CVE-2023-46201.json +++ b/CVE-2023/CVE-2023-462xx/CVE-2023-46201.json @@ -2,8 +2,8 @@ "id": "CVE-2023-46201", "sourceIdentifier": "audit@patchstack.com", "published": "2023-11-13T05:15:08.650", - "lastModified": "2023-11-13T14:12:08.260", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T18:15:29.130", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -50,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:auto_login_new_user_after_registration_project:auto_login_new_user_after_registration:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.9.6", + "matchCriteriaId": "A6AD5FC4-4468-4877-8DE7-7C78618D688E" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/auto-login-new-user-after-registration/wordpress-auto-login-new-user-after-registration-plugin-1-9-6-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-466xx/CVE-2023-46634.json b/CVE-2023/CVE-2023-466xx/CVE-2023-46634.json index 9e8edf63289..30d8cad892a 100644 --- a/CVE-2023/CVE-2023-466xx/CVE-2023-46634.json +++ b/CVE-2023/CVE-2023-466xx/CVE-2023-46634.json @@ -2,8 +2,8 @@ "id": "CVE-2023-46634", "sourceIdentifier": "audit@patchstack.com", "published": "2023-11-13T04:15:08.050", - "lastModified": "2023-11-13T14:12:08.260", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T18:16:13.293", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -50,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phoeniixx:custom_my_account_for_woocommerce:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.1", + "matchCriteriaId": "5408CCD2-B79D-49BA-AA65-66DB3370A2DA" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/custom-my-account-for-woocommerce/wordpress-custom-my-account-for-woocommerce-plugin-2-1-csrf-to-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-46xx/CVE-2023-4632.json b/CVE-2023/CVE-2023-46xx/CVE-2023-4632.json index 569b10645bc..b6769be4ac7 100644 --- a/CVE-2023/CVE-2023-46xx/CVE-2023-4632.json +++ b/CVE-2023/CVE-2023-46xx/CVE-2023-4632.json @@ -2,16 +2,40 @@ "id": "CVE-2023-4632", "sourceIdentifier": "psirt@lenovo.com", "published": "2023-11-08T22:15:11.210", - "lastModified": "2023-11-09T13:46:19.893", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:33:06.617", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An uncontrolled search path vulnerability was reported in Lenovo System Update that could allow an attacker with local access to execute code with elevated privileges." + }, + { + "lang": "es", + "value": "Se inform\u00f3 una vulnerabilidad de ruta de b\u00fasqueda no controlada en Lenovo System Update que podr\u00eda permitir que un atacante con acceso local ejecute c\u00f3digo con privilegios elevados." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "psirt@lenovo.com", "type": "Secondary", @@ -46,10 +70,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:lenovo:system_update:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.08.02.25", + "matchCriteriaId": "6E3CCF6F-990A-4BB7-9272-96F332444279" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.lenovo.com/us/en/product_security/LEN-135367", - "source": "psirt@lenovo.com" + "source": "psirt@lenovo.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-470xx/CVE-2023-47004.json b/CVE-2023/CVE-2023-470xx/CVE-2023-47004.json index cbe5417ede5..da2d8f5a082 100644 --- a/CVE-2023/CVE-2023-470xx/CVE-2023-47004.json +++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47004.json @@ -2,19 +2,82 @@ "id": "CVE-2023-47004", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-06T22:15:08.043", - "lastModified": "2023-11-07T12:14:36.923", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:36:06.167", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Buffer Overflow vulnerability in Redis RedisGraph v.2.x through v.2.12.8 and fixed in v.2.12.9 allows an attacker to execute arbitrary code via the code logic after valid authentication." + }, + { + "lang": "es", + "value": "La vulnerabilidad de desbordamiento del b\u00fafer en Redis RedisGraph v.2.x a v.2.12.8 y corregida en v.2.12.9 permite a un atacante ejecutar c\u00f3digo arbitrario a trav\u00e9s de la l\u00f3gica del c\u00f3digo despu\u00e9s de una autenticaci\u00f3n v\u00e1lida." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redislabs:redisgraph:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.0.0", + "versionEndExcluding": "2.12.9", + "matchCriteriaId": "AF83E4D7-A176-4767-A2C4-31B52259CBAB" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/RedisGraph/RedisGraph/issues/3178", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-470xx/CVE-2023-47040.json b/CVE-2023/CVE-2023-470xx/CVE-2023-47040.json index 25c9bbdd618..d2b0054df03 100644 --- a/CVE-2023/CVE-2023-470xx/CVE-2023-47040.json +++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47040.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47040", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T15:15:10.120", - "lastModified": "2023-11-16T15:15:10.120", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:44.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-470xx/CVE-2023-47041.json b/CVE-2023/CVE-2023-470xx/CVE-2023-47041.json index 0bb19f0b455..81ba731a87d 100644 --- a/CVE-2023/CVE-2023-470xx/CVE-2023-47041.json +++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47041.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47041", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T15:15:10.390", - "lastModified": "2023-11-16T15:15:10.390", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:44.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-470xx/CVE-2023-47042.json b/CVE-2023/CVE-2023-470xx/CVE-2023-47042.json index 51b08a2011f..275fc7906aa 100644 --- a/CVE-2023/CVE-2023-470xx/CVE-2023-47042.json +++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47042.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47042", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T15:15:10.650", - "lastModified": "2023-11-16T15:15:10.650", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:44.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-470xx/CVE-2023-47043.json b/CVE-2023/CVE-2023-470xx/CVE-2023-47043.json index 8407aa37f71..254e5bf007e 100644 --- a/CVE-2023/CVE-2023-470xx/CVE-2023-47043.json +++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47043.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47043", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T15:15:10.830", - "lastModified": "2023-11-16T15:15:10.830", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:44.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-470xx/CVE-2023-47044.json b/CVE-2023/CVE-2023-470xx/CVE-2023-47044.json index 40478f30d00..be21f9cadf7 100644 --- a/CVE-2023/CVE-2023-470xx/CVE-2023-47044.json +++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47044.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47044", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T15:15:11.007", - "lastModified": "2023-11-16T15:15:11.007", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:44.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-470xx/CVE-2023-47046.json b/CVE-2023/CVE-2023-470xx/CVE-2023-47046.json index 205d662edff..6d089a06f66 100644 --- a/CVE-2023/CVE-2023-470xx/CVE-2023-47046.json +++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47046.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47046", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T16:15:32.080", - "lastModified": "2023-11-16T16:15:32.080", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:44.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-470xx/CVE-2023-47047.json b/CVE-2023/CVE-2023-470xx/CVE-2023-47047.json index e2e62e6d095..e1a0e0b4707 100644 --- a/CVE-2023/CVE-2023-470xx/CVE-2023-47047.json +++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47047.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47047", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T16:15:32.367", - "lastModified": "2023-11-16T16:15:32.367", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:44.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-470xx/CVE-2023-47048.json b/CVE-2023/CVE-2023-470xx/CVE-2023-47048.json index 2171590ec72..5a3c19e09d7 100644 --- a/CVE-2023/CVE-2023-470xx/CVE-2023-47048.json +++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47048.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47048", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T16:15:32.783", - "lastModified": "2023-11-16T16:15:32.783", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:44.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-470xx/CVE-2023-47049.json b/CVE-2023/CVE-2023-470xx/CVE-2023-47049.json index 9e6265a7891..0b9cd3f976f 100644 --- a/CVE-2023/CVE-2023-470xx/CVE-2023-47049.json +++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47049.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47049", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T16:15:32.973", - "lastModified": "2023-11-16T16:15:32.973", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:44.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-470xx/CVE-2023-47050.json b/CVE-2023/CVE-2023-470xx/CVE-2023-47050.json index 57f15d3cb53..d525693d504 100644 --- a/CVE-2023/CVE-2023-470xx/CVE-2023-47050.json +++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47050.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47050", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T16:15:33.167", - "lastModified": "2023-11-16T16:15:33.167", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:44.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-470xx/CVE-2023-47051.json b/CVE-2023/CVE-2023-470xx/CVE-2023-47051.json index 56e2fbc9734..b17a182ca83 100644 --- a/CVE-2023/CVE-2023-470xx/CVE-2023-47051.json +++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47051.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47051", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T16:15:33.370", - "lastModified": "2023-11-16T16:15:33.370", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:44.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-470xx/CVE-2023-47052.json b/CVE-2023/CVE-2023-470xx/CVE-2023-47052.json index 40fefd58f26..81b9b4b9b2b 100644 --- a/CVE-2023/CVE-2023-470xx/CVE-2023-47052.json +++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47052.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47052", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T16:15:33.587", - "lastModified": "2023-11-16T16:15:33.587", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:44.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-470xx/CVE-2023-47053.json b/CVE-2023/CVE-2023-470xx/CVE-2023-47053.json index 267ad1910bc..4272eeae3d6 100644 --- a/CVE-2023/CVE-2023-470xx/CVE-2023-47053.json +++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47053.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47053", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T16:15:33.770", - "lastModified": "2023-11-16T16:15:33.770", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:44.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-470xx/CVE-2023-47054.json b/CVE-2023/CVE-2023-470xx/CVE-2023-47054.json index a85c02ef2f8..08b1613593f 100644 --- a/CVE-2023/CVE-2023-470xx/CVE-2023-47054.json +++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47054.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47054", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T16:15:33.957", - "lastModified": "2023-11-16T16:15:33.957", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:44.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-470xx/CVE-2023-47055.json b/CVE-2023/CVE-2023-470xx/CVE-2023-47055.json new file mode 100644 index 00000000000..ed66c526221 --- /dev/null +++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47055.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-47055", + "sourceIdentifier": "psirt@adobe.com", + "published": "2023-11-16T17:15:07.267", + "lastModified": "2023-11-16T17:30:31.273", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/premiere_pro/apsb23-65.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-470xx/CVE-2023-47056.json b/CVE-2023/CVE-2023-470xx/CVE-2023-47056.json new file mode 100644 index 00000000000..3a3af69cf34 --- /dev/null +++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47056.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-47056", + "sourceIdentifier": "psirt@adobe.com", + "published": "2023-11-16T17:15:07.510", + "lastModified": "2023-11-16T17:30:31.273", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-122" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/premiere_pro/apsb23-65.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-470xx/CVE-2023-47057.json b/CVE-2023/CVE-2023-470xx/CVE-2023-47057.json new file mode 100644 index 00000000000..ddfc2db66f4 --- /dev/null +++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47057.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-47057", + "sourceIdentifier": "psirt@adobe.com", + "published": "2023-11-16T17:15:07.700", + "lastModified": "2023-11-16T17:30:31.273", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/premiere_pro/apsb23-65.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-470xx/CVE-2023-47058.json b/CVE-2023/CVE-2023-470xx/CVE-2023-47058.json new file mode 100644 index 00000000000..84a1bb320f5 --- /dev/null +++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47058.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-47058", + "sourceIdentifier": "psirt@adobe.com", + "published": "2023-11-16T17:15:07.890", + "lastModified": "2023-11-16T17:30:31.273", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/premiere_pro/apsb23-65.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-470xx/CVE-2023-47059.json b/CVE-2023/CVE-2023-470xx/CVE-2023-47059.json new file mode 100644 index 00000000000..d76f29b4529 --- /dev/null +++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47059.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-47059", + "sourceIdentifier": "psirt@adobe.com", + "published": "2023-11-16T17:15:08.080", + "lastModified": "2023-11-16T17:30:31.273", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/premiere_pro/apsb23-65.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-470xx/CVE-2023-47060.json b/CVE-2023/CVE-2023-470xx/CVE-2023-47060.json new file mode 100644 index 00000000000..b5804624e0a --- /dev/null +++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47060.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-47060", + "sourceIdentifier": "psirt@adobe.com", + "published": "2023-11-16T17:15:08.270", + "lastModified": "2023-11-16T17:30:31.273", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.3, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-824" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/premiere_pro/apsb23-65.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-471xx/CVE-2023-47109.json b/CVE-2023/CVE-2023-471xx/CVE-2023-47109.json index 846022edf79..8bbf68977c6 100644 --- a/CVE-2023/CVE-2023-471xx/CVE-2023-47109.json +++ b/CVE-2023/CVE-2023-471xx/CVE-2023-47109.json @@ -2,16 +2,40 @@ "id": "CVE-2023-47109", "sourceIdentifier": "security-advisories@github.com", "published": "2023-11-08T22:15:10.423", - "lastModified": "2023-11-09T13:46:19.893", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:34:36.167", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "PrestaShop blockreassurance adds an information block aimed at offering helpful information to reassure customers that the store is trustworthy. When adding a block in blockreassurance module, a BO user can modify the http request and give the path of any file in the project instead of an image. When deleting the block from the BO, the file will be deleted. It is possible to make the website completely unavailable by removing index.php for example. This issue has been patched in version 5.1.4.\n" + }, + { + "lang": "es", + "value": "PrestaShop blockreassurance agrega un bloque de informaci\u00f3n destinado a ofrecer informaci\u00f3n \u00fatil para asegurar a los clientes que la tienda es confiable. Al agregar un bloque en el m\u00f3dulo blockreassurance, un usuario BO puede modificar la solicitud http y proporcionar la ruta de cualquier archivo en el proyecto en lugar de una imagen. Al eliminar el bloque del BO, el archivo se eliminar\u00e1. Es posible hacer que el sitio web no est\u00e9 completamente disponible eliminando index.php, por ejemplo. Este problema se solucion\u00f3 en la versi\u00f3n 5.1.4." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,22 +80,52 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:prestashop:customer_reassurance_block:*:*:*:*:*:prestashop:*:*", + "versionEndExcluding": "5.1.4", + "matchCriteriaId": "B2227213-F29B-4017-8827-E0E3BC608ED0" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/PrestaShop/blockreassurance/commit/2d0e97bebf795690caffe33c1ab23a9bf43fcdfa", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/PrestaShop/blockreassurance/commit/eec00da564db4c1804b0a0d1e3d9f7ec4e27d823", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/PrestaShop/blockreassurance/releases/tag/v5.1.4", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/PrestaShop/blockreassurance/security/advisories/GHSA-83j2-qhx2-p7jc", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-471xx/CVE-2023-47111.json b/CVE-2023/CVE-2023-471xx/CVE-2023-47111.json index ab9128836c9..d082c199e77 100644 --- a/CVE-2023/CVE-2023-471xx/CVE-2023-47111.json +++ b/CVE-2023/CVE-2023-471xx/CVE-2023-47111.json @@ -2,16 +2,40 @@ "id": "CVE-2023-47111", "sourceIdentifier": "security-advisories@github.com", "published": "2023-11-08T22:15:10.657", - "lastModified": "2023-11-09T13:46:19.893", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:33:53.937", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "ZITADEL provides identity infrastructure. ZITADEL provides administrators the possibility to define a `Lockout Policy` with a maximum amount of failed password check attempts. On every failed password check, the amount of failed checks is compared against the configured maximum. Exceeding the limit, will lock the user and prevent further authentication. In the affected implementation it was possible for an attacker to start multiple parallel password checks, giving him the possibility to try out more combinations than configured in the `Lockout Policy`. This vulnerability has been patched in versions 2.40.5 and 2.38.3.\n" + }, + { + "lang": "es", + "value": "ZITADEL proporciona infraestructura de identidad. ZITADEL brinda a los administradores la posibilidad de definir una \"Pol\u00edtica de bloqueo\" con una cantidad m\u00e1xima de intentos fallidos de verificaci\u00f3n de contrase\u00f1a. En cada verificaci\u00f3n de contrase\u00f1a fallida, la cantidad de comprobaciones fallidas se compara con el m\u00e1ximo configurado. Exceder el l\u00edmite bloquear\u00e1 al usuario y evitar\u00e1 una mayor autenticaci\u00f3n. En la implementaci\u00f3n afectada, un atacante pod\u00eda iniciar m\u00faltiples comprobaciones de contrase\u00f1as en paralelo, d\u00e1ndole la posibilidad de probar m\u00e1s combinaciones de las configuradas en la \"Pol\u00edtica de bloqueo\". Esta vulnerabilidad ha sido parcheada en las versiones 2.40.5 y 2.38.3." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 3.7, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.2, + "impactScore": 1.4 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,22 +70,59 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zitadel:zitadel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.38.3", + "matchCriteriaId": "CF7331E5-9891-4D72-B9D1-71620A21A006" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zitadel:zitadel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.39.0", + "versionEndExcluding": "2.40.5", + "matchCriteriaId": "8EA4342D-C972-4980-8E06-4F19EA76E69E" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/zitadel/zitadel/commit/22e2d5599918864877e054ebe82fb834a5aa1077", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/zitadel/zitadel/releases/tag/v2.38.3", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/zitadel/zitadel/releases/tag/v2.40.5", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/zitadel/zitadel/security/advisories/GHSA-7h8m-vrxx-vr4m", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-471xx/CVE-2023-47114.json b/CVE-2023/CVE-2023-471xx/CVE-2023-47114.json index ec02bba40ef..631f7f4dfc1 100644 --- a/CVE-2023/CVE-2023-471xx/CVE-2023-47114.json +++ b/CVE-2023/CVE-2023-471xx/CVE-2023-47114.json @@ -2,16 +2,40 @@ "id": "CVE-2023-47114", "sourceIdentifier": "security-advisories@github.com", "published": "2023-11-08T22:15:11.023", - "lastModified": "2023-11-09T13:46:19.893", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:33:17.553", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in your runtime environment, and the enforcement of privacy regulations in your code. The Fides web application allows data subject users to request access to their personal data. If the request is approved by the data controller user operating the Fides web application, the data subject's personal data can then retrieved from connected systems and data stores before being bundled together as a data subject access request package for the data subject to download. Supported data formats for the package include json and csv, but the most commonly used format is a series of HTML files compressed in a ZIP file. Once downloaded and unzipped, the data subject user can browse the HTML files on their local machine. It was identified that there was no validation of input coming from e.g. the connected systems and data stores which is later reflected in the downloaded data. This can result in an HTML injection that can be abused e.g. for phishing attacks or malicious JavaScript code execution, but only in the context of the data subject's browser accessing a HTML page using the `file://` protocol. Exploitation is limited to rogue Admin UI users, malicious connected system / data store users, and the data subject user if tricked via social engineering into submitting malicious data themselves. This vulnerability has been patched in version 2.23.3." + }, + { + "lang": "es", + "value": "Fides es una plataforma de ingenier\u00eda de privacidad de c\u00f3digo abierto para gestionar el cumplimiento de las solicitudes de privacidad de datos en su entorno de ejecuci\u00f3n y la aplicaci\u00f3n de las regulaciones de privacidad en su c\u00f3digo. La aplicaci\u00f3n web de Fides permite a los usuarios interesados solicitar el acceso a sus datos personales. Si la solicitud es aprobada por el usuario del controlador de datos que opera la aplicaci\u00f3n web de Fides, los datos personales del interesado se pueden recuperar de los sistemas y almacenes de datos conectados antes de agruparlos como un paquete de solicitud de acceso del interesado para que el interesado los descargue. Los formatos de datos admitidos por el paquete incluyen json y csv, pero el formato m\u00e1s utilizado es una serie de archivos HTML comprimidos en un archivo ZIP. Una vez descargados y descomprimidos, el usuario interesado puede explorar los archivos HTML en su m\u00e1quina local. Se identific\u00f3 que no hubo validaci\u00f3n de las entradas provenientes, por ejemplo, de los sistemas conectados y los almacenes de datos, lo que luego se refleja en los datos descargados. Esto puede dar lugar a una inyecci\u00f3n de HTML de la que se puede abusar, por ejemplo, para ataques de phishing o ejecuci\u00f3n de c\u00f3digo JavaScript malicioso, pero s\u00f3lo en el contexto del navegador del interesado que accede a una p\u00e1gina HTML utilizando el protocolo `file://`. La explotaci\u00f3n se limita a usuarios no autorizados de la interfaz de usuario de administraci\u00f3n, a usuarios maliciosos del sistema conectado/almacenamiento de datos y al usuario interesado si se le enga\u00f1a mediante ingenier\u00eda social para que env\u00ede datos maliciosos. Esta vulnerabilidad ha sido parcheada en la versi\u00f3n 2.23.3." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,18 +70,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ethyca:fides:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.15.1", + "versionEndExcluding": "2.23.3", + "matchCriteriaId": "64694F6B-53E4-40E4-89FD-6BE525A038D7" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/ethyca/fides/commit/50360a0e24aac858459806bb140bb1c4b71e67a1", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/ethyca/fides/releases/tag/2.23.3", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/ethyca/fides/security/advisories/GHSA-3vpf-mcj7-5h38", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-471xx/CVE-2023-47122.json b/CVE-2023/CVE-2023-471xx/CVE-2023-47122.json index cfab4de5c62..49cb6cc7ac3 100644 --- a/CVE-2023/CVE-2023-471xx/CVE-2023-47122.json +++ b/CVE-2023/CVE-2023-471xx/CVE-2023-47122.json @@ -2,16 +2,40 @@ "id": "CVE-2023-47122", "sourceIdentifier": "security-advisories@github.com", "published": "2023-11-10T22:15:14.250", - "lastModified": "2023-11-13T03:16:20.870", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:50:16.327", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Gitsign is software for keyless Git signing using Sigstore. In versions of gitsign starting with 0.6.0 and prior to 0.8.0, Rekor public keys were fetched via the Rekor API, instead of through the local TUF client. If the upstream Rekor server happened to be compromised, gitsign clients could potentially be tricked into trusting incorrect signatures. There is no known compromise the default public good instance (`rekor.sigstore.dev`) - anyone using this instance is unaffected. This issue was fixed in v0.8.0. No known workarounds are available." + }, + { + "lang": "es", + "value": "Gitsign es un software para la firma Git sin llave mediante Sigstore. En las versiones de gitsign que comienzan con 0.6.0 y anteriores a 0.8.0, las claves p\u00fablicas de Rekor se obtuvieron a trav\u00e9s de la API de Rekor, en lugar de a trav\u00e9s del cliente TUF local. Si el servidor Rekor ascendente estuviera comprometido, los clientes de gitsign podr\u00edan ser enga\u00f1ados para que conf\u00eden en firmas incorrectas. No se conoce ning\u00fan compromiso con la instancia de bien p\u00fablico predeterminada (`rekor.sigstore.dev`): cualquiera que use esta instancia no se ve afectado. Este problema se solucion\u00f3 en v0.8.0. No hay workarounds conocidos disponibles." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.6, + "impactScore": 3.6 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,22 +70,54 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sigstore:gitsign:*:*:*:*:*:go:*:*", + "versionStartIncluding": "0.6.0", + "versionEndExcluding": "0.8.0", + "matchCriteriaId": "438E0CC3-D374-42A0-B324-2887AB9A8328" + } + ] + } + ] + } + ], "references": [ { "url": "https://docs.sigstore.dev/about/threat-model/#sigstore-threat-model", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Product" + ] }, { "url": "https://github.com/sigstore/gitsign/commit/cd66ccb03c86a3600955f0c15f6bfeb75f697236", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/sigstore/gitsign/pull/399", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/sigstore/gitsign/security/advisories/GHSA-xvrc-2wvh-49vc", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-471xx/CVE-2023-47127.json b/CVE-2023/CVE-2023-471xx/CVE-2023-47127.json index e0d0d909589..c3877a89295 100644 --- a/CVE-2023/CVE-2023-471xx/CVE-2023-47127.json +++ b/CVE-2023/CVE-2023-471xx/CVE-2023-47127.json @@ -2,12 +2,16 @@ "id": "CVE-2023-47127", "sourceIdentifier": "security-advisories@github.com", "published": "2023-11-14T20:15:08.230", - "lastModified": "2023-11-14T21:38:09.280", + "lastModified": "2023-11-16T18:15:06.943", "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "TYPO3 is an open source PHP based web content management system released under the GNU GPL. In typo3 installations there are always at least two different sites. Eg. first.example.org and second.example.com. In affected versions a session cookie generated for the first site can be reused on the second site without requiring additional authentication. This vulnerability has been addressed in versions 8.7.55, 9.5.44, 10.4.41, 11.5.33, and 12.4.8. Users are advised to upgrade. There are no known workarounds for this vulnerability." + }, + { + "lang": "es", + "value": "TYPO3 es un sistema de gesti\u00f3n de contenido web basado en PHP de c\u00f3digo abierto publicado bajo GNU GPL. En las instalaciones de typo3 siempre hay al menos dos sitios diferentes. P.ej. first.example.org y second.example.com. En las versiones afectadas, una cookie de sesi\u00f3n generada para el primer sitio se puede reutilizar en el segundo sitio sin requerir autenticaci\u00f3n adicional. Esta vulnerabilidad se solucion\u00f3 en las versiones 8.7.55, 9.5.44, 10.4.41, 11.5.33 y 12.4.8. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad." } ], "metrics": { @@ -41,7 +45,7 @@ "description": [ { "lang": "en", - "value": "CWE-294" + "value": "CWE-302" } ] } diff --git a/CVE-2023/CVE-2023-471xx/CVE-2023-47163.json b/CVE-2023/CVE-2023-471xx/CVE-2023-47163.json index edc5c145a80..b651a231b38 100644 --- a/CVE-2023/CVE-2023-471xx/CVE-2023-47163.json +++ b/CVE-2023/CVE-2023-471xx/CVE-2023-47163.json @@ -2,27 +2,93 @@ "id": "CVE-2023-47163", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-11-13T03:15:09.743", - "lastModified": "2023-11-13T03:16:20.870", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T18:16:27.767", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Remarshal prior to v0.17.1 expands YAML alias nodes unlimitedly, hence Remarshal is vulnerable to Billion Laughs Attack. Processing untrusted YAML files may cause a denial-of-service (DoS) condition." + }, + { + "lang": "es", + "value": "Remarshal anterior a v0.17.1 expande los nodos de alias YAML de forma ilimitada, por lo que Remarshal es vulnerable a Billion Laughs Attack. El procesamiento de archivos YAML que no son de confianza puede provocar una condici\u00f3n de denegaci\u00f3n de servicio (DoS)." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-674" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:remarshal_project:remarshal:*:*:*:*:*:*:*:*", + "versionEndExcluding": "0.17.1", + "matchCriteriaId": "A664F861-2169-4499-94F0-F80C46FCD477" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/remarshal-project/remarshal/commit/fd6ac799a02f533c3fc243b49cdd6d21aa7ee494", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/remarshal-project/remarshal/releases/tag/v0.17.1", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Release Notes" + ] }, { "url": "https://jvn.jp/en/jp/JVN86156389/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-471xx/CVE-2023-47164.json b/CVE-2023/CVE-2023-471xx/CVE-2023-47164.json index cf89a254e31..1b0a3e1dec1 100644 --- a/CVE-2023/CVE-2023-471xx/CVE-2023-47164.json +++ b/CVE-2023/CVE-2023-471xx/CVE-2023-47164.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47164", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-11-10T09:15:07.363", - "lastModified": "2023-11-13T03:16:20.870", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:57:24.673", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,19 +14,81 @@ "value": "Una vulnerabilidad de Cross-site scripting en HOTELDRUID 3.0.5 y versiones anteriores permite que un atacante remoto no autenticado ejecute un script arbitrario en el navegador web del usuario que inicia sesi\u00f3n en el producto." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:digitaldruid:hoteldruid:*:*:*:*:*:*:*:*", + "versionEndIncluding": "3.0.5", + "matchCriteriaId": "251580B4-8DB6-4B46-B11C-094EECAE7D85" + } + ] + } + ] + } + ], "references": [ { "url": "https://jvn.jp/en/jp/JVN99177549/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.hoteldruid.com/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] }, { "url": "https://www.hoteldruid.com/en/download.html", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-475xx/CVE-2023-47514.json b/CVE-2023/CVE-2023-475xx/CVE-2023-47514.json new file mode 100644 index 00000000000..807b3bab385 --- /dev/null +++ b/CVE-2023/CVE-2023-475xx/CVE-2023-47514.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-47514", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-11-16T18:15:07.060", + "lastModified": "2023-11-16T18:15:07.060", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in lawrenceowen, gcubero, acunnningham, fmahmood Star CloudPRNT for WooCommerce plugin <=\u00a02.0.3 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/star-cloudprnt-for-woocommerce/wordpress-star-cloudprnt-for-woocommerce-plugin-2-0-3-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-475xx/CVE-2023-47516.json b/CVE-2023/CVE-2023-475xx/CVE-2023-47516.json index 2e2b460d0d6..312abd8cbc9 100644 --- a/CVE-2023/CVE-2023-475xx/CVE-2023-47516.json +++ b/CVE-2023/CVE-2023-475xx/CVE-2023-47516.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47516", "sourceIdentifier": "audit@patchstack.com", "published": "2023-11-13T04:15:08.287", - "lastModified": "2023-11-13T14:12:08.260", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T18:16:05.383", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -50,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:starkdigital:category_post_list_widget:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.0", + "matchCriteriaId": "A75CE266-5FAF-4FB0-8937-A238F292A101" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/category-post-list-widget/wordpress-category-post-list-widget-plugin-2-0-csrf-to-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-476xx/CVE-2023-47610.json b/CVE-2023/CVE-2023-476xx/CVE-2023-47610.json index ea521f9df5e..e0eeab8b6e3 100644 --- a/CVE-2023/CVE-2023-476xx/CVE-2023-47610.json +++ b/CVE-2023/CVE-2023-476xx/CVE-2023-47610.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47610", "sourceIdentifier": "vulnerability@kaspersky.com", "published": "2023-11-09T17:15:08.960", - "lastModified": "2023-11-09T19:32:04.093", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:19:06.217", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "vulnerability@kaspersky.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + }, { "source": "vulnerability@kaspersky.com", "type": "Secondary", @@ -50,10 +80,285 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:bgs5_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "236A82FB-6772-43F5-BFE5-378A6F740A25" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:bgs5:-:*:*:*:*:*:*:*", + "matchCriteriaId": "ACE7A300-7A40-49FB-95A3-4F75796A6DB1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:ehs5_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C33F8018-2AA2-4AA2-B97A-FB848F5D1C06" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:ehs5:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5E937F19-944A-4D76-AF25-488FD30FABBB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:ehs6_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EEA2FCCD-752B-4DAB-8353-EF1B35AB143F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:ehs6:-:*:*:*:*:*:*:*", + "matchCriteriaId": "57219468-C424-43D0-98C0-A85A250AB733" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:ehs8_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4C74BE72-65CB-4DF3-8AE3-EBCFCD640BFD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:ehs8:-:*:*:*:*:*:*:*", + "matchCriteriaId": "691F7CF3-B36D-4440-A8A8-A4863FD5E828" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:pds5_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E1969DA7-72FC-4981-A3D5-A7919AA5D774" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:pds5:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1F563DF9-B922-4FCF-8078-EA354F0ED5B5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:pds6_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "70E71C87-3011-43DB-ADB0-A926C7A8E87A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:pds6:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EB6E32F2-2723-43B9-A730-22BCF9D420B0" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:pds8_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1418767F-34D5-41A0-82BB-BBA7575DD21D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:pds8:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6F08EFD2-855A-498D-B88E-59414317BBFC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:els61_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1B580262-9CF7-4FE4-99E6-F3486A498F10" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:els61:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DEEA5EE5-4F4A-4684-A15E-13AD8D553D3B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:els81_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AAAC546F-9F47-4AFC-93EF-9261BFCE9ECB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:els81:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BE8E98E9-4BB6-48E5-89ED-420653101A2C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:pls62_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A4647F52-2F3E-45F3-BD84-B54950A06AC8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:pls62:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AF3DBFD6-1C3D-4A8B-B458-E85DE4AF86BF" + } + ] + } + ] + } + ], "references": [ { "url": "https://ics-cert.kaspersky.com/advisories/2023/11/08/klcert-23-018-telit-cinterion-thales-gemalto-modules-buffer-copy-without-checking-size-of-input-vulnerability/", - "source": "vulnerability@kaspersky.com" + "source": "vulnerability@kaspersky.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-476xx/CVE-2023-47611.json b/CVE-2023/CVE-2023-476xx/CVE-2023-47611.json index 59765b8a52c..cec7f122b36 100644 --- a/CVE-2023/CVE-2023-476xx/CVE-2023-47611.json +++ b/CVE-2023/CVE-2023-476xx/CVE-2023-47611.json @@ -2,16 +2,40 @@ "id": "CVE-2023-47611", "sourceIdentifier": "vulnerability@kaspersky.com", "published": "2023-11-10T17:15:07.380", - "lastModified": "2023-11-13T03:16:20.870", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:51:56.440", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A CWE-269: Improper Privilege Management vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to elevate privileges to \"manufacturer\" level on the targeted system." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad CWE-269: Gesti\u00f3n de Privilegios Inadecuada en Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 que podr\u00eda permitir a un atacante local con pocos privilegios elevar los privilegios al nivel de \"fabricante\" en el sistema de destino." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "vulnerability@kaspersky.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "vulnerability@kaspersky.com", "type": "Secondary", @@ -46,10 +80,285 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:bgs5_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "236A82FB-6772-43F5-BFE5-378A6F740A25" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:bgs5:-:*:*:*:*:*:*:*", + "matchCriteriaId": "ACE7A300-7A40-49FB-95A3-4F75796A6DB1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:ehs5_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C33F8018-2AA2-4AA2-B97A-FB848F5D1C06" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:ehs5:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5E937F19-944A-4D76-AF25-488FD30FABBB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:ehs6_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EEA2FCCD-752B-4DAB-8353-EF1B35AB143F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:ehs6:-:*:*:*:*:*:*:*", + "matchCriteriaId": "57219468-C424-43D0-98C0-A85A250AB733" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:ehs8_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4C74BE72-65CB-4DF3-8AE3-EBCFCD640BFD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:ehs8:-:*:*:*:*:*:*:*", + "matchCriteriaId": "691F7CF3-B36D-4440-A8A8-A4863FD5E828" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:pds5_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E1969DA7-72FC-4981-A3D5-A7919AA5D774" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:pds5:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1F563DF9-B922-4FCF-8078-EA354F0ED5B5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:pds6_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "70E71C87-3011-43DB-ADB0-A926C7A8E87A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:pds6:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EB6E32F2-2723-43B9-A730-22BCF9D420B0" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:pds8_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1418767F-34D5-41A0-82BB-BBA7575DD21D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:pds8:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6F08EFD2-855A-498D-B88E-59414317BBFC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:els61_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1B580262-9CF7-4FE4-99E6-F3486A498F10" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:els61:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DEEA5EE5-4F4A-4684-A15E-13AD8D553D3B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:els81_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AAAC546F-9F47-4AFC-93EF-9261BFCE9ECB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:els81:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BE8E98E9-4BB6-48E5-89ED-420653101A2C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:pls62_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A4647F52-2F3E-45F3-BD84-B54950A06AC8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:pls62:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AF3DBFD6-1C3D-4A8B-B458-E85DE4AF86BF" + } + ] + } + ] + } + ], "references": [ { "url": "https://ics-cert.kaspersky.com/advisories/2023/11/08/klcert-22-216-telit-cinterion-thales-gemalto-modules-improper-privilege-management-vulnerability/", - "source": "vulnerability@kaspersky.com" + "source": "vulnerability@kaspersky.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-476xx/CVE-2023-47614.json b/CVE-2023/CVE-2023-476xx/CVE-2023-47614.json index 444f909512b..c179788c4be 100644 --- a/CVE-2023/CVE-2023-476xx/CVE-2023-47614.json +++ b/CVE-2023/CVE-2023-476xx/CVE-2023-47614.json @@ -2,16 +2,40 @@ "id": "CVE-2023-47614", "sourceIdentifier": "vulnerability@kaspersky.com", "published": "2023-11-10T16:15:33.860", - "lastModified": "2023-11-13T03:16:20.870", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:53:21.280", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to disclose hidden virtual paths and file names on the targeted system." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad CWE-200: Exposici\u00f3n de Informaci\u00f3n Confidencial a un Actor No Autorizado en Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 que podr\u00eda permitir una vulnerabilidad local, un atacante con pocos privilegios revela rutas virtuales ocultas y nombres de archivos en el sistema objetivo." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.3, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.8, + "impactScore": 1.4 + }, { "source": "vulnerability@kaspersky.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "vulnerability@kaspersky.com", "type": "Secondary", @@ -46,10 +80,285 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:bgs5_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "236A82FB-6772-43F5-BFE5-378A6F740A25" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:bgs5:-:*:*:*:*:*:*:*", + "matchCriteriaId": "ACE7A300-7A40-49FB-95A3-4F75796A6DB1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:ehs5_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C33F8018-2AA2-4AA2-B97A-FB848F5D1C06" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:ehs5:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5E937F19-944A-4D76-AF25-488FD30FABBB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:ehs6_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EEA2FCCD-752B-4DAB-8353-EF1B35AB143F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:ehs6:-:*:*:*:*:*:*:*", + "matchCriteriaId": "57219468-C424-43D0-98C0-A85A250AB733" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:ehs8_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4C74BE72-65CB-4DF3-8AE3-EBCFCD640BFD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:ehs8:-:*:*:*:*:*:*:*", + "matchCriteriaId": "691F7CF3-B36D-4440-A8A8-A4863FD5E828" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:pds5_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E1969DA7-72FC-4981-A3D5-A7919AA5D774" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:pds5:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1F563DF9-B922-4FCF-8078-EA354F0ED5B5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:pds6_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "70E71C87-3011-43DB-ADB0-A926C7A8E87A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:pds6:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EB6E32F2-2723-43B9-A730-22BCF9D420B0" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:pds8_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1418767F-34D5-41A0-82BB-BBA7575DD21D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:pds8:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6F08EFD2-855A-498D-B88E-59414317BBFC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:els61_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1B580262-9CF7-4FE4-99E6-F3486A498F10" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:els61:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DEEA5EE5-4F4A-4684-A15E-13AD8D553D3B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:els81_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AAAC546F-9F47-4AFC-93EF-9261BFCE9ECB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:els81:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BE8E98E9-4BB6-48E5-89ED-420653101A2C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:telit:pls62_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A4647F52-2F3E-45F3-BD84-B54950A06AC8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:telit:pls62:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AF3DBFD6-1C3D-4A8B-B458-E85DE4AF86BF" + } + ] + } + ] + } + ], "references": [ { "url": "https://ics-cert.kaspersky.com/advisories/2023/11/08/klcert-22-210-telit-cinterion-thales-gemalto-modules-exposure-of-sensitive-information-to-an-unauthorized-actor-vulnerability/", - "source": "vulnerability@kaspersky.com" + "source": "vulnerability@kaspersky.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-476xx/CVE-2023-47652.json b/CVE-2023/CVE-2023-476xx/CVE-2023-47652.json index 04309851850..2a4de65009d 100644 --- a/CVE-2023/CVE-2023-476xx/CVE-2023-47652.json +++ b/CVE-2023/CVE-2023-476xx/CVE-2023-47652.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47652", "sourceIdentifier": "audit@patchstack.com", "published": "2023-11-13T04:15:08.497", - "lastModified": "2023-11-13T14:12:08.260", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T18:15:46.740", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -50,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:autoaffiliatelinks:auto_affiliate_links:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "6.4.2.5", + "matchCriteriaId": "962D4F05-9E3F-4836-B8F7-CC8BC9654900" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/wp-auto-affiliate-links/wordpress-auto-affiliate-links-plugin-6-4-2-3-csrf-lead-to-stored-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-476xx/CVE-2023-47669.json b/CVE-2023/CVE-2023-476xx/CVE-2023-47669.json index 1b9a9a31a3d..09c728bbf43 100644 --- a/CVE-2023/CVE-2023-476xx/CVE-2023-47669.json +++ b/CVE-2023/CVE-2023-476xx/CVE-2023-47669.json @@ -2,16 +2,40 @@ "id": "CVE-2023-47669", "sourceIdentifier": "audit@patchstack.com", "published": "2023-11-13T02:15:09.043", - "lastModified": "2023-11-13T03:16:20.870", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:39:26.880", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs User Profile Builder \u2013 Beautiful User Registration Forms, User Profiles & User Role Editor plugin <=\u00a03.10.3 versions." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Cozmoslabs User Profile Builder \u2013 Beautiful User Registration Forms, User Profiles & User Role Editor en versiones <= 3.10.3." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cozmoslabs:profile_builder:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.10.4", + "matchCriteriaId": "3FEF4C25-C251-4CBE-881B-8FE78D191437" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/profile-builder/wordpress-user-profile-builder-plugin-3-10-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-476xx/CVE-2023-47690.json b/CVE-2023/CVE-2023-476xx/CVE-2023-47690.json index 9437063cfcd..7d03caf7973 100644 --- a/CVE-2023/CVE-2023-476xx/CVE-2023-47690.json +++ b/CVE-2023/CVE-2023-476xx/CVE-2023-47690.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47690", "sourceIdentifier": "audit@patchstack.com", "published": "2023-11-13T23:15:08.003", - "lastModified": "2023-11-14T15:15:58.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:35:54.523", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -50,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:antonbond:additional_order_filters_for_woocommerce:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.10", + "matchCriteriaId": "78B3DA93-B44C-46C8-9CA2-F57F50DCF3C6" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/additional-order-filters-for-woocommerce/wordpress-additional-order-filters-for-woocommerce-plugin-1-10-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-47xx/CVE-2023-4771.json b/CVE-2023/CVE-2023-47xx/CVE-2023-4771.json index d8b39cead13..39fe041e27b 100644 --- a/CVE-2023/CVE-2023-47xx/CVE-2023-4771.json +++ b/CVE-2023/CVE-2023-47xx/CVE-2023-4771.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4771", "sourceIdentifier": "cve-coordination@incibe.es", "published": "2023-11-16T14:15:28.913", - "lastModified": "2023-11-16T14:15:28.913", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:48.293", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-480xx/CVE-2023-48052.json b/CVE-2023/CVE-2023-480xx/CVE-2023-48052.json new file mode 100644 index 00000000000..2da5c07df45 --- /dev/null +++ b/CVE-2023/CVE-2023-480xx/CVE-2023-48052.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-48052", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-11-16T18:15:07.250", + "lastModified": "2023-11-16T18:15:07.250", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Missing SSL certificate validation in HTTPie v3.2.2 allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gxx777.github.io/HTTPie_3.2.2_Cryptographic_API_Misuse_Vulnerability.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-480xx/CVE-2023-48053.json b/CVE-2023/CVE-2023-480xx/CVE-2023-48053.json new file mode 100644 index 00000000000..508c8c71dca --- /dev/null +++ b/CVE-2023/CVE-2023-480xx/CVE-2023-48053.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-48053", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-11-16T18:15:07.297", + "lastModified": "2023-11-16T18:15:07.297", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Archery v1.10.0 uses a non-random or static IV for Cipher Block Chaining (CBC) mode in AES encryption. This vulnerability can lead to the disclosure of information and communications." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gxx777.github.io/Archery_v1.10.0_Cryptographic_API_Misuse_Vulnerability.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-480xx/CVE-2023-48054.json b/CVE-2023/CVE-2023-480xx/CVE-2023-48054.json new file mode 100644 index 00000000000..ebe29faf4b7 --- /dev/null +++ b/CVE-2023/CVE-2023-480xx/CVE-2023-48054.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-48054", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-11-16T18:15:07.343", + "lastModified": "2023-11-16T18:15:07.343", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Missing SSL certificate validation in localstack v2.3.2 allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gxx777.github.io/localstack_v_2.3.2_Cryptographic_API_Misuse_Vulnerability.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-480xx/CVE-2023-48055.json b/CVE-2023/CVE-2023-480xx/CVE-2023-48055.json new file mode 100644 index 00000000000..eca580e1e53 --- /dev/null +++ b/CVE-2023/CVE-2023-480xx/CVE-2023-48055.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-48055", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-11-16T18:15:07.390", + "lastModified": "2023-11-16T18:15:07.390", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SuperAGI v0.0.13 was discovered to use a hardcoded key for encryption operations. This vulnerability can lead to the disclosure of information and communications." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gxx777.github.io/SuperAGI_v0.0.13_Cryptographic_API_Misuse_Vulnerability.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-480xx/CVE-2023-48056.json b/CVE-2023/CVE-2023-480xx/CVE-2023-48056.json new file mode 100644 index 00000000000..b15cead7af2 --- /dev/null +++ b/CVE-2023/CVE-2023-480xx/CVE-2023-48056.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-48056", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-11-16T18:15:07.440", + "lastModified": "2023-11-16T18:15:07.440", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "PyPinkSign v0.5.1 uses a non-random or static IV for Cipher Block Chaining (CBC) mode in AES encryption. This vulnerability can lead to the disclosure of information and communications." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://bandoche.com", + "source": "cve@mitre.org" + }, + { + "url": "http://pypinksign.com", + "source": "cve@mitre.org" + }, + { + "url": "https://gxx777.github.io/PyPinkSign_v0.5.1_Cryptographic_API_Misuse_Vulnerability.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-480xx/CVE-2023-48058.json b/CVE-2023/CVE-2023-480xx/CVE-2023-48058.json index 372e295272e..f8e75b0d60f 100644 --- a/CVE-2023/CVE-2023-480xx/CVE-2023-48058.json +++ b/CVE-2023/CVE-2023-480xx/CVE-2023-48058.json @@ -2,19 +2,79 @@ "id": "CVE-2023-48058", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-13T16:15:28.080", - "lastModified": "2023-11-13T18:44:54.637", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:34:52.187", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/task/run" + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Dreamer CMS v4.1.3 contiene Cross-Site Request Forgery (CSRF) a trav\u00e9s del componente /admin/task/run" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dreamer_cms_project:dreamer_cms:4.1.3:*:*:*:*:*:*:*", + "matchCriteriaId": "F8278D9D-0CD5-4659-8BD6-8A4557D57C2C" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/CP1379767017/cms/blob/main/CSRF%20exists%20at%20the%20task%20management%20execution%20task%20location.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-480xx/CVE-2023-48060.json b/CVE-2023/CVE-2023-480xx/CVE-2023-48060.json index df3b7baacf8..8886a53c6c0 100644 --- a/CVE-2023/CVE-2023-480xx/CVE-2023-48060.json +++ b/CVE-2023/CVE-2023-480xx/CVE-2023-48060.json @@ -2,19 +2,79 @@ "id": "CVE-2023-48060", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-13T16:15:28.150", - "lastModified": "2023-11-13T18:44:54.637", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:35:04.087", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/task/add" + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Dreamer CMS v4.1.3 contiene Cross-Site Request Forgery (CSRF) a trav\u00e9s del componente /admin/task/add" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dreamer_cms_project:dreamer_cms:4.1.3:*:*:*:*:*:*:*", + "matchCriteriaId": "F8278D9D-0CD5-4659-8BD6-8A4557D57C2C" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/CP1379767017/cms/blob/main/CSRF%20exists%20at%20the%20location%20where%20task%20management%20adds%20tasks.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-480xx/CVE-2023-48063.json b/CVE-2023/CVE-2023-480xx/CVE-2023-48063.json index 13cf91a548b..af4768d0082 100644 --- a/CVE-2023/CVE-2023-480xx/CVE-2023-48063.json +++ b/CVE-2023/CVE-2023-480xx/CVE-2023-48063.json @@ -2,19 +2,79 @@ "id": "CVE-2023-48063", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-13T16:15:28.200", - "lastModified": "2023-11-13T18:44:54.637", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:35:21.507", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in dreamer_cms 4.1.3. There is a CSRF vulnerability that can delete a theme project via /admin/category/delete." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en dreamer_cms 4.1.3. Existe una vulnerabilidad CSRF que puede eliminar un proyecto de tema a trav\u00e9s de /admin/category/delete." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dreamer_cms_project:dreamer_cms:4.1.3:*:*:*:*:*:*:*", + "matchCriteriaId": "F8278D9D-0CD5-4659-8BD6-8A4557D57C2C" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/CP1379767017/cms/blob/dreamcms_vul/There%20is%20a%20CSRF%20vulnerability%20at%20th%20menu%20management%20location.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-480xx/CVE-2023-48068.json b/CVE-2023/CVE-2023-480xx/CVE-2023-48068.json index bed83fb8016..f5f15496bba 100644 --- a/CVE-2023/CVE-2023-480xx/CVE-2023-48068.json +++ b/CVE-2023/CVE-2023-480xx/CVE-2023-48068.json @@ -2,19 +2,78 @@ "id": "CVE-2023-48068", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-13T16:15:28.243", - "lastModified": "2023-11-13T18:44:54.637", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:35:37.623", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "DedeCMS v6.2 was discovered to contain a Cross-site Scripting (XSS) vulnerability via spec_add.php." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que DedeCMS v6.2 contiene una vulnerabilidad de Cross-site Scripting (XSS) a trav\u00e9s de spec_add.php." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dedecms:dedecms:6.2:*:*:*:*:*:*:*", + "matchCriteriaId": "9FF3C77B-5D8B-452E-860A-D7C4C8C0BCE9" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/CP1379767017/cms/blob/dreamcms_vul/dedevCMS/dedeCMS_XSS.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-48xx/CVE-2023-4804.json b/CVE-2023/CVE-2023-48xx/CVE-2023-4804.json index 19bb0d6a7f5..e30c5954aa9 100644 --- a/CVE-2023/CVE-2023-48xx/CVE-2023-4804.json +++ b/CVE-2023/CVE-2023-48xx/CVE-2023-4804.json @@ -2,16 +2,40 @@ "id": "CVE-2023-4804", "sourceIdentifier": "productsecurity@jci.com", "published": "2023-11-10T23:15:07.743", - "lastModified": "2023-11-13T03:16:20.870", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:45:01.533", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An\u00a0unauthorized user could access debug features in Quantum HD Unity products that were accidentally exposed." + }, + { + "lang": "es", + "value": "Un usuario no autorizado podr\u00eda acceder a las funciones de depuraci\u00f3n de los productos Quantum HD Unity que quedaron expuestos accidentalmente." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "productsecurity@jci.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, { "source": "productsecurity@jci.com", "type": "Secondary", @@ -46,14 +80,239 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:johnsoncontrols:quantum_hd_unity_compressor_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.00", + "versionEndExcluding": "11.22", + "matchCriteriaId": "F1B48F7F-42AA-45AA-8FC7-F93FA3136139" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:johnsoncontrols:quantum_hd_unity_compressor_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.00", + "versionEndExcluding": "12.22", + "matchCriteriaId": "2017C20F-3D16-4848-A0EF-42B4B4EBE345" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:johnsoncontrols:quantum_hd_unity_compressor:-:*:*:*:*:*:*:*", + "matchCriteriaId": "640BFA18-318D-41FA-BBE1-C91234A25A1B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:johnsoncontrols:quantum_hd_unity_acuair_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.00", + "versionEndExcluding": "11.12", + "matchCriteriaId": "A7E3C78C-D372-4CF3-BA1B-3F2DF3EDF364" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:johnsoncontrols:quantum_hd_unity_acuair_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.00", + "versionEndExcluding": "12.12", + "matchCriteriaId": "607F1C13-830D-4B8D-8BCF-42A8AEDB3147" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:johnsoncontrols:quantum_hd_unity_acuair:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2EC4238A-8CE2-4DBE-BAE5-9E687725CCB2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:johnsoncontrols:quantum_hd_unity_condenser\\/vessel_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.00", + "versionEndExcluding": "11.11", + "matchCriteriaId": "A84D6C4C-55F8-4E99-9BFC-F1C4E554F933" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:johnsoncontrols:quantum_hd_unity_condenser\\/vessel_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.00", + "versionEndExcluding": "12.11", + "matchCriteriaId": "E69F5AF9-715A-4AAB-BCB2-5B8AEE775BE6" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:johnsoncontrols:quantum_hd_unity_condenser\\/vessel:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1139B733-1714-4111-B53C-4644A736B734" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:johnsoncontrols:quantum_hd_unity_evaporator_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.00", + "versionEndExcluding": "11.11", + "matchCriteriaId": "1CE01D66-6D85-4685-87D7-CA3A8D976412" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:johnsoncontrols:quantum_hd_unity_evaporator_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.00", + "versionEndExcluding": "12.11", + "matchCriteriaId": "29520C3D-1083-47BE-9B61-652579E28867" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:johnsoncontrols:quantum_hd_unity_evaporator:-:*:*:*:*:*:*:*", + "matchCriteriaId": "769190A6-EF60-470F-B308-64DDD4D96C79" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:johnsoncontrols:quantum_hd_unity_engine_room_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.00", + "versionEndExcluding": "11.11", + "matchCriteriaId": "02F0D946-8D1D-42E2-8C55-2D9098AFC9E2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:johnsoncontrols:quantum_hd_unity_engine_room_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.00", + "versionEndExcluding": "12.11", + "matchCriteriaId": "C3AACE2F-4103-40FC-B1A5-79657AC808FE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:johnsoncontrols:quantum_hd_unity_engine_room:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BC48EFE2-04CD-491E-A127-E4F4370C202D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:johnsoncontrols:quantum_hd_unity_interface_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.00", + "versionEndExcluding": "11.11", + "matchCriteriaId": "5A617CBC-3B72-46EC-B7B6-F51EFC1CD0E2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:johnsoncontrols:quantum_hd_unity_interface_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.00", + "versionEndExcluding": "12.11", + "matchCriteriaId": "27A27741-45EE-4F9F-98F2-260804055A19" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:johnsoncontrols:quantum_hd_unity_interface:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3C0E1361-A1D8-43AD-B0C7-9D54049DF6A8" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-313-01", - "source": "productsecurity@jci.com" + "source": "productsecurity@jci.com", + "tags": [ + "Third Party Advisory", + "US Government Resource" + ] }, { "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories", - "source": "productsecurity@jci.com" + "source": "productsecurity@jci.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-48xx/CVE-2023-4891.json b/CVE-2023/CVE-2023-48xx/CVE-2023-4891.json index 0457e3912f4..7463da96f20 100644 --- a/CVE-2023/CVE-2023-48xx/CVE-2023-4891.json +++ b/CVE-2023/CVE-2023-48xx/CVE-2023-4891.json @@ -2,16 +2,40 @@ "id": "CVE-2023-4891", "sourceIdentifier": "psirt@lenovo.com", "published": "2023-11-08T22:15:11.593", - "lastModified": "2023-11-09T13:46:19.893", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T18:01:59.767", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "\nA potential use-after-free vulnerability was reported in the Lenovo View driver that could result in denial of service. \n\n" + }, + { + "lang": "es", + "value": "Se inform\u00f3 de una posible vulnerabilidad de use-after-free en el controlador Lenovo View que podr\u00eda provocar una denegaci\u00f3n de servicio." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "psirt@lenovo.com", "type": "Secondary", @@ -46,10 +70,44 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:lenovo:view_driver:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.3.18.1", + "matchCriteriaId": "DEE94F02-1D32-4170-AC42-7A30BE3A574F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.lenovo.com/us/en/product_security/LEN-135344", - "source": "psirt@lenovo.com" + "source": "psirt@lenovo.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-50xx/CVE-2023-5075.json b/CVE-2023/CVE-2023-50xx/CVE-2023-5075.json index a13b8fe1391..46ace0b5f34 100644 --- a/CVE-2023/CVE-2023-50xx/CVE-2023-5075.json +++ b/CVE-2023/CVE-2023-50xx/CVE-2023-5075.json @@ -2,16 +2,40 @@ "id": "CVE-2023-5075", "sourceIdentifier": "psirt@lenovo.com", "published": "2023-11-08T22:15:11.770", - "lastModified": "2023-11-09T13:46:19.893", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T18:01:47.087", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A buffer overflow was reported in the FmpSipoCapsuleDriver driver in the IdeaPad Duet 3-10IGL5 that may allow a local attacker with elevated privileges to execute arbitrary code." + }, + { + "lang": "es", + "value": "Se inform\u00f3 de un desbordamiento del b\u00fafer en el controlador FmpSipoCapsuleDriver en el IdeaPad Duet 3-10IGL5 que puede permitir que un atacante local con privilegios elevados ejecute c\u00f3digo arbitrario." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + }, { "source": "psirt@lenovo.com", "type": "Secondary", @@ -46,10 +70,43 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:ideapad_duet_3_10igl5_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "eqcn39ww", + "matchCriteriaId": "934DAF3B-D040-45DC-90F5-E13B0846E857" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:ideapad_duet_3_10igl5:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C6ED2CCF-A6BB-45C8-B729-31241AA7254A" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.lenovo.com/us/en/product_security/LEN-141775", - "source": "psirt@lenovo.com" + "source": "psirt@lenovo.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-50xx/CVE-2023-5078.json b/CVE-2023/CVE-2023-50xx/CVE-2023-5078.json index 2e159be8164..0544281139c 100644 --- a/CVE-2023/CVE-2023-50xx/CVE-2023-5078.json +++ b/CVE-2023/CVE-2023-50xx/CVE-2023-5078.json @@ -2,16 +2,40 @@ "id": "CVE-2023-5078", "sourceIdentifier": "psirt@lenovo.com", "published": "2023-11-08T22:15:11.957", - "lastModified": "2023-11-09T13:46:19.893", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T18:01:15.060", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated privileges to tamper with BIOS firmware." + }, + { + "lang": "es", + "value": "Se inform\u00f3 una vulnerabilidad en algunos BIOS de ThinkPad que podr\u00eda permitir que un atacante f\u00edsico o local con privilegios elevados altere el firmware del BIOS." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + }, { "source": "psirt@lenovo.com", "type": "Secondary", @@ -46,10 +70,562 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkpad_x13_gen_3_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "51AEE592-1F68-413B-A670-B0F6F3D110EC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkpad_x13_gen_3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8C890D81-D9C9-4AEB-A12E-DF79528876CD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkpad_s2_yoga_gen_7_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.19", + "matchCriteriaId": "B01C37DE-CD3B-41B1-AD51-9A50756895AC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkpad_s2_yoga_gen_7:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D1040935-6004-4539-992A-FCDDC84333B5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkpad_s2_yoga_gen_6_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2FF1F949-A465-4F73-9C63-0D74CC4A0DC3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkpad_s2_yoga_gen_6:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3B2279C8-0F44-4CA3-9AED-F31E3C3327D8" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkpad_s2_gen_8_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "61017FB7-72EF-4FD5-8B22-D583050545CE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkpad_s2_gen_8:-:*:*:*:*:*:*:*", + "matchCriteriaId": "826861DB-719A-40DE-B813-CE51EDEC84D2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkpad_p14s_gen_3_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A77BE2A8-C168-4F8D-B171-B0BDA4F6987D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkpad_p14s_gen_3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C54E4EC5-68F4-484D-8A1A-607207073291" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkpad_p16s_gen_1_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "75543F74-E28E-44A9-B33E-F282F1FCCAD2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkpad_p16s_gen_1:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5DBC3DED-A725-4686-BACD-FD2AC33D4B4C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkpad_t14_gen_3_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "85C2DBDC-539A-4E63-90A0-17D92B800586" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkpad_t14_gen_3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "33F5E4AC-0BB5-4582-A68B-B044AE1FDDF3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkpad_t14s_gen_3_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1BC69FC7-7B0F-4F20-A067-A685EC15FD74" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkpad_t14s_gen_3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A3F5560A-10AE-46AE-A609-C8EB9287F779" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkpad_t16_gen_1_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "013EEF43-FF93-4F37-A1A6-950446B75E48" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkpad_t16_gen_1:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A04B796B-A40C-43BC-8027-2539BBECF001" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkpad_l14_gen_3_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.23", + "matchCriteriaId": "C9C3B900-6538-4D4D-A3E6-E216238AC569" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkpad_l14_gen_3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E774C0D8-4712-414D-B9B9-214AAC710B63" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkpad_l14_gen_4_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.1", + "matchCriteriaId": "FFA1173E-8292-4C93-9D71-242BBC87306B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkpad_l14_gen_4:-:*:*:*:*:*:*:*", + "matchCriteriaId": "181D4876-394F-4FE0-91B8-16267F987D18" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkpad_l15_gen_3_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.23", + "matchCriteriaId": "67569E35-EBF9-4EC0-A6D4-35BC80424093" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkpad_l15_gen_3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E4ACCDD8-A4F5-4805-91FC-4464A1FB46BA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkpad_l15_gen_4_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.1", + "matchCriteriaId": "77783297-A20A-4137-8E0F-1600AC0EAE7D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkpad_l15_gen_4:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0ED6441F-C705-40D0-9FDF-7471955D6610" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkpad_l13_yoga_gen_4_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "06CEB116-4F8D-4573-8E65-C6FC5A65455E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkpad_l13_yoga_gen_4:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D619CDB5-510B-443F-8772-CB09DD68190D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkpad_l13_yoga_gen_3_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.19", + "matchCriteriaId": "1DA62157-F2A9-4868-B7BA-C15BD4EAFD77" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkpad_l13_yoga_gen_3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1B43B845-C95E-47DF-8AEB-7ADB650A5425" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkpad_l13_yoga_gen_2_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "66645F82-9F66-4AEF-B11E-266C7EF154B1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkpad_l13_yoga_gen_2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0CB43443-ED65-4CF5-8FDA-3BCC1E2BD5A2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkpad_l13_gen_4_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3F7C2C57-6EE4-4B33-8EF8-C0BD769DF480" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkpad_l13_gen_4:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0D5606FE-0787-44AD-97B8-AAB560056ED5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkpad_l13_gen_3_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.19", + "matchCriteriaId": "7A6606CF-CCC8-4061-A989-3519EEA48E4C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkpad_l13_gen_3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7D6D51EE-16C2-4090-8872-E69E55D5D4A7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkpad_l13_gen_2_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1FF9C24C-203D-4AA7-BBE9-20B0418514C1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkpad_l13_gen_2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3E560943-6A00-4423-91F3-FBBBBB978F6B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkpad_s2_yoga_gen_8_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "839CD19A-A6B3-4F2A-B7F5-D2DF08933ADC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkpad_s2_yoga_gen_8:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8DA25359-AE51-45EA-8507-40953790E04E" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.lenovo.com/us/en/product_security/LEN-141775", - "source": "psirt@lenovo.com" + "source": "psirt@lenovo.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-55xx/CVE-2023-5539.json b/CVE-2023/CVE-2023-55xx/CVE-2023-5539.json index 70ddf01e6c4..5b2516f1878 100644 --- a/CVE-2023/CVE-2023-55xx/CVE-2023-5539.json +++ b/CVE-2023/CVE-2023-55xx/CVE-2023-5539.json @@ -2,16 +2,40 @@ "id": "CVE-2023-5539", "sourceIdentifier": "patrick@puiterwijk.org", "published": "2023-11-09T20:15:08.920", - "lastModified": "2023-11-09T20:51:06.133", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T18:17:35.113", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A remote code execution risk was identified in the Lesson activity. By default this was only available to teachers and managers." + }, + { + "lang": "es", + "value": "Se identific\u00f3 un riesgo de ejecuci\u00f3n remota de c\u00f3digo en la actividad Lesson. Por defecto, esto s\u00f3lo estaba disponible para profesores y directivos." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "patrick@puiterwijk.org", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + }, { "source": "patrick@puiterwijk.org", "type": "Secondary", @@ -46,18 +80,96 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.9.24", + "matchCriteriaId": "A2A8D2D9-48FE-417F-8062-65794AA65706" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.11.0", + "versionEndExcluding": "3.11.17", + "matchCriteriaId": "7C058D38-D206-4BEC-B647-4CD1808A1FC8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.0.0", + "versionEndExcluding": "4.0.11", + "matchCriteriaId": "4827B277-0EC2-4254-B6DF-F18475A6253C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.1.0", + "versionEndExcluding": "4.1.6", + "matchCriteriaId": "E660C47C-2CB3-4B06-B98A-F8EE211F798A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.2.0", + "versionEndExcluding": "4.2.3", + "matchCriteriaId": "C65020B8-B78E-4B59-B894-3F223D769078" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:7.0:*:*:*:*:*:*:*", + "matchCriteriaId": "3D9C7598-4BB4-442A-86DF-EEDE041A4CC7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", + "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" + } + ] + } + ] + } + ], "references": [ { "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79408", - "source": "patrick@puiterwijk.org" + "source": "patrick@puiterwijk.org", + "tags": [ + "Patch" + ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243352", - "source": "patrick@puiterwijk.org" + "source": "patrick@puiterwijk.org", + "tags": [ + "Issue Tracking", + "Patch", + "Third Party Advisory" + ] }, { "url": "https://moodle.org/mod/forum/discuss.php?d=451580", - "source": "patrick@puiterwijk.org" + "source": "patrick@puiterwijk.org", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-59xx/CVE-2023-5913.json b/CVE-2023/CVE-2023-59xx/CVE-2023-5913.json index c034ad15a27..545b85c2780 100644 --- a/CVE-2023/CVE-2023-59xx/CVE-2023-5913.json +++ b/CVE-2023/CVE-2023-59xx/CVE-2023-5913.json @@ -2,16 +2,40 @@ "id": "CVE-2023-5913", "sourceIdentifier": "security@opentext.com", "published": "2023-11-08T17:15:08.193", - "lastModified": "2023-11-08T17:25:02.317", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:00:33.503", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The\u00a0vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1.\n\n" + }, + { + "lang": "es", + "value": "Vulnerabilidad de asignaci\u00f3n de privilegios incorrecta en texto abierto Fortify ScanCentral DAST. La vulnerabilidad podr\u00eda aprovecharse para obtener privilegios elevados. Este problema afecta a Fortify ScanCentral DAST versiones 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "security@opentext.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "security@opentext.com", "type": "Secondary", @@ -46,10 +80,60 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microfocus:fortify_scancentral_dast:21.1:*:*:*:*:*:*:*", + "matchCriteriaId": "5578907C-9142-461B-88F3-D4510D57E23A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microfocus:fortify_scancentral_dast:21.2:*:*:*:*:*:*:*", + "matchCriteriaId": "DDE09FF8-AFDD-4F5E-AF44-FFE8854F5763" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microfocus:fortify_scancentral_dast:21.2.1:*:*:*:*:*:*:*", + "matchCriteriaId": "8EF4C5A3-E698-469A-A8AB-223AC6013B1C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microfocus:fortify_scancentral_dast:22.1:*:*:*:*:*:*:*", + "matchCriteriaId": "0926D3A0-76B2-435C-B691-58B51EDF81B7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microfocus:fortify_scancentral_dast:22.1.1:*:*:*:*:*:*:*", + "matchCriteriaId": "956F2EB1-BF27-4F42-A325-E9F91EF60E5D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microfocus:fortify_scancentral_dast:22.2:*:*:*:*:*:*:*", + "matchCriteriaId": "6DA67A67-DC1E-4FC0-8A9B-8A2192E939BB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microfocus:fortify_scancentral_dast:23.1:*:*:*:*:*:*:*", + "matchCriteriaId": "9BFD11CE-87C4-40A2-A6EA-80CF1D465F4B" + } + ] + } + ] + } + ], "references": [ { "url": "https://portal.microfocus.com/s/article/KM000023500?language=en_US", - "source": "security@opentext.com" + "source": "security@opentext.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-60xx/CVE-2023-6013.json b/CVE-2023/CVE-2023-60xx/CVE-2023-6013.json new file mode 100644 index 00000000000..08c311e4207 --- /dev/null +++ b/CVE-2023/CVE-2023-60xx/CVE-2023-6013.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-6013", + "sourceIdentifier": "security@huntr.dev", + "published": "2023-11-16T17:15:08.460", + "lastModified": "2023-11-16T17:30:31.273", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "H2O is vulnerable to stored XSS vulnerability which can lead to a Local File Include attack." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 9.3, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://huntr.com/bounties/9881569f-dc2a-437e-86b0-20d4b70ae7af", + "source": "security@huntr.dev" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-60xx/CVE-2023-6015.json b/CVE-2023/CVE-2023-60xx/CVE-2023-6015.json index 184b642f2ff..8acb2f2357d 100644 --- a/CVE-2023/CVE-2023-60xx/CVE-2023-6015.json +++ b/CVE-2023/CVE-2023-60xx/CVE-2023-6015.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6015", "sourceIdentifier": "security@huntr.dev", "published": "2023-11-16T16:15:34.370", - "lastModified": "2023-11-16T16:15:34.370", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:44.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-60xx/CVE-2023-6016.json b/CVE-2023/CVE-2023-60xx/CVE-2023-6016.json index 1ad2d8cc9c5..5f36710dc84 100644 --- a/CVE-2023/CVE-2023-60xx/CVE-2023-6016.json +++ b/CVE-2023/CVE-2023-60xx/CVE-2023-6016.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6016", "sourceIdentifier": "security@huntr.dev", "published": "2023-11-16T16:15:34.680", - "lastModified": "2023-11-16T16:15:34.680", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:44.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-60xx/CVE-2023-6017.json b/CVE-2023/CVE-2023-60xx/CVE-2023-6017.json new file mode 100644 index 00000000000..00a7ba9415f --- /dev/null +++ b/CVE-2023/CVE-2023-60xx/CVE-2023-6017.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-6017", + "sourceIdentifier": "security@huntr.dev", + "published": "2023-11-16T17:15:08.643", + "lastModified": "2023-11-16T17:30:31.273", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "H2O included a reference to an S3 bucket that no longer existed allowing an attacker to take over the S3 bucket URL." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 8.7, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.3, + "impactScore": 5.8 + } + ] + }, + "weaknesses": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-840" + } + ] + } + ], + "references": [ + { + "url": "https://huntr.com/bounties/6a69952f-a1ba-4dee-9d8c-e87f52508b58", + "source": "security@huntr.dev" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-60xx/CVE-2023-6018.json b/CVE-2023/CVE-2023-60xx/CVE-2023-6018.json index 9069fa66c00..1e76f64cee4 100644 --- a/CVE-2023/CVE-2023-60xx/CVE-2023-6018.json +++ b/CVE-2023/CVE-2023-60xx/CVE-2023-6018.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6018", "sourceIdentifier": "security@huntr.dev", "published": "2023-11-16T16:15:34.880", - "lastModified": "2023-11-16T16:15:34.880", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:44.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-60xx/CVE-2023-6019.json b/CVE-2023/CVE-2023-60xx/CVE-2023-6019.json new file mode 100644 index 00000000000..78f099d2570 --- /dev/null +++ b/CVE-2023/CVE-2023-60xx/CVE-2023-6019.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-6019", + "sourceIdentifier": "security@huntr.dev", + "published": "2023-11-16T17:15:08.830", + "lastModified": "2023-11-16T17:30:31.273", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A command injection exists in Ray's cpu_profile URL parameter allowing attackers to execute os commands on the system running the ray dashboard remotely without authentication." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 10.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://huntr.com/bounties/d0290f3c-b302-4161-89f2-c13bb28b4cfe", + "source": "security@huntr.dev" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-60xx/CVE-2023-6021.json b/CVE-2023/CVE-2023-60xx/CVE-2023-6021.json new file mode 100644 index 00000000000..3a6f5e0aa32 --- /dev/null +++ b/CVE-2023/CVE-2023-60xx/CVE-2023-6021.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-6021", + "sourceIdentifier": "security@huntr.dev", + "published": "2023-11-16T17:15:09.020", + "lastModified": "2023-11-16T17:30:31.273", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "LFI in Ray's log API endpoint allows attackers to read any file on the server without authentication." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 9.3, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-29" + } + ] + } + ], + "references": [ + { + "url": "https://huntr.com/bounties/5039c045-f986-4cbc-81ac-370fe4b0d3f8", + "source": "security@huntr.dev" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-60xx/CVE-2023-6022.json b/CVE-2023/CVE-2023-60xx/CVE-2023-6022.json new file mode 100644 index 00000000000..829a3264438 --- /dev/null +++ b/CVE-2023/CVE-2023-60xx/CVE-2023-6022.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-6022", + "sourceIdentifier": "security@huntr.dev", + "published": "2023-11-16T17:15:09.200", + "lastModified": "2023-11-16T17:30:31.273", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An attacker is able to steal secrets and potentially gain remote code execution via CSRF using the Prefect API." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://huntr.com/bounties/dab47d99-551c-4355-9ab1-c99cb90235af", + "source": "security@huntr.dev" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-60xx/CVE-2023-6023.json b/CVE-2023/CVE-2023-60xx/CVE-2023-6023.json index 6b245119f53..61b2a10612e 100644 --- a/CVE-2023/CVE-2023-60xx/CVE-2023-6023.json +++ b/CVE-2023/CVE-2023-60xx/CVE-2023-6023.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6023", "sourceIdentifier": "security@huntr.dev", "published": "2023-11-16T16:15:35.057", - "lastModified": "2023-11-16T16:15:35.057", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:44.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-60xx/CVE-2023-6038.json b/CVE-2023/CVE-2023-60xx/CVE-2023-6038.json new file mode 100644 index 00000000000..dddf66c9bb4 --- /dev/null +++ b/CVE-2023/CVE-2023-60xx/CVE-2023-6038.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-6038", + "sourceIdentifier": "security@huntr.dev", + "published": "2023-11-16T17:15:09.373", + "lastModified": "2023-11-16T17:30:31.273", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An attacker is able to read any file on the server hosting the H2O dashboard without any authentication." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 9.3, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-29" + } + ] + } + ], + "references": [ + { + "url": "https://huntr.com/bounties/380fce33-fec5-49d9-a101-12c972125d8c", + "source": "security@huntr.dev" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-60xx/CVE-2023-6039.json b/CVE-2023/CVE-2023-60xx/CVE-2023-6039.json index 8bda3047b30..91b89129cdf 100644 --- a/CVE-2023/CVE-2023-60xx/CVE-2023-6039.json +++ b/CVE-2023/CVE-2023-60xx/CVE-2023-6039.json @@ -2,16 +2,40 @@ "id": "CVE-2023-6039", "sourceIdentifier": "secalert@redhat.com", "published": "2023-11-09T15:15:09.133", - "lastModified": "2023-11-09T17:13:29.637", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:59:48.420", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel. This flaw allows a local attacker to crash the system when the LAN78XX USB device detaches." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una falla de use-after-free en lan78xx_disconnect en drivers/net/usb/lan78xx.c en el subcomponente de red, net/usb/lan78xx en el kernel de Linux. Esta falla permite que un atacante local bloquee el sistema cuando el dispositivo USB LAN78XX se desconecta." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -46,18 +80,67 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.5", + "matchCriteriaId": "98C491C7-598A-4D36-BA4F-3505A5727ED1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc1:*:*:*:*:*:*", + "matchCriteriaId": "0B3E6E4D-E24E-4630-B00C-8C9901C597B0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc2:*:*:*:*:*:*", + "matchCriteriaId": "E4A01A71-0F09-4DB2-A02F-7EFFBE27C98D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc3:*:*:*:*:*:*", + "matchCriteriaId": "F5608371-157A-4318-8A2E-4104C3467EA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc4:*:*:*:*:*:*", + "matchCriteriaId": "2226A776-DF8C-49E0-A030-0A7853BB018A" + } + ] + } + ] + } + ], "references": [ { "url": "https://access.redhat.com/security/cve/CVE-2023-6039", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248755", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Issue Tracking", + "Patch", + "Third Party Advisory" + ] }, { "url": "https://github.com/torvalds/linux/commit/1e7417c188d0a83fb385ba2dbe35fd2563f2b6f3", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-60xx/CVE-2023-6052.json b/CVE-2023/CVE-2023-60xx/CVE-2023-6052.json index 5fbcaf14efa..bf18b305191 100644 --- a/CVE-2023/CVE-2023-60xx/CVE-2023-6052.json +++ b/CVE-2023/CVE-2023-60xx/CVE-2023-6052.json @@ -2,16 +2,40 @@ "id": "CVE-2023-6052", "sourceIdentifier": "cna@vuldb.com", "published": "2023-11-09T13:15:07.870", - "lastModified": "2023-11-09T13:46:10.880", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T18:04:08.497", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical has been found in Tongda OA 2017 up to 11.9. Affected is an unknown function of the file general/system/censor_words/module/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-244872. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en Tongda OA 2017 hasta 11.9 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo general/system/censor_words/module/delete.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento DELETE_STR conduce a la inyecci\u00f3n SQL. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. La actualizaci\u00f3n a la versi\u00f3n 11.10 puede solucionar este problema. Se recomienda actualizar el componente afectado. El identificador de esta vulnerabilidad es VDB-244872. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,18 +95,50 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tongda2000:tongda_oa:*:*:*:*:*:*:*:*", + "versionEndExcluding": "11.10", + "matchCriteriaId": "17F21834-2024-4969-BB2C-1C56D7C85F5D" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/kenankkkkk/cve/blob/main/sql.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.244872", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.244872", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-60xx/CVE-2023-6053.json b/CVE-2023/CVE-2023-60xx/CVE-2023-6053.json index e2b9fcbf008..a356f652680 100644 --- a/CVE-2023/CVE-2023-60xx/CVE-2023-6053.json +++ b/CVE-2023/CVE-2023-60xx/CVE-2023-6053.json @@ -2,16 +2,40 @@ "id": "CVE-2023-6053", "sourceIdentifier": "cna@vuldb.com", "published": "2023-11-09T19:15:08.577", - "lastModified": "2023-11-09T19:32:04.093", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T18:04:27.793", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, has been found in Tongda OA 2017 up to 11.9. Affected by this issue is some unknown functionality of the file general/system/censor_words/manage/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. VDB-244874 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en Tongda OA 2017 hasta 11.9 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo general/system/censor_words/manage/delete.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento DELETE_STR conduce a la inyecci\u00f3n SQL. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. La actualizaci\u00f3n a la versi\u00f3n 11.10 puede solucionar este problema. Se recomienda actualizar el componente afectado. VDB-244874 es el identificador asignado a esta vulnerabilidad. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,18 +95,50 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tongda2000:tongda_oa:*:*:*:*:*:*:*:*", + "versionEndExcluding": "11.10", + "matchCriteriaId": "17F21834-2024-4969-BB2C-1C56D7C85F5D" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Conan0313/cve/blob/main/sql.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.244874", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.244874", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-60xx/CVE-2023-6074.json b/CVE-2023/CVE-2023-60xx/CVE-2023-6074.json index 1eca0f0df78..17083c05736 100644 --- a/CVE-2023/CVE-2023-60xx/CVE-2023-6074.json +++ b/CVE-2023/CVE-2023-60xx/CVE-2023-6074.json @@ -2,16 +2,40 @@ "id": "CVE-2023-6074", "sourceIdentifier": "cna@vuldb.com", "published": "2023-11-10T15:15:09.310", - "lastModified": "2023-11-13T03:16:20.870", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:57:42.757", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0. It has been rated as critical. This issue affects some unknown processing of the file check-status.php of the component Booking Reservation Handler. The manipulation leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-244943." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en PHPGurukul Restaurant Table Booking System 1.0. Ha sido calificada como cr\u00edtica. Este problema afecta un procesamiento desconocido del archivo check-status.php del componente Booking Reservation Handler. La manipulaci\u00f3n conduce a la inyecci\u00f3n de SQL. El ataque puede iniciarse de forma remota. El identificador asociado de esta vulnerabilidad es VDB-244943." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -60,6 +84,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,14 +105,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpgurukul:restaurant_table_booking_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "02963BE3-61BC-41D5-82BA-71B773AA8FA0" + } + ] + } + ] + } + ], "references": [ { "url": "https://vuldb.com/?ctiid.244943", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.244943", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-60xx/CVE-2023-6075.json b/CVE-2023/CVE-2023-60xx/CVE-2023-6075.json index 9fa8cc50041..99048a93e52 100644 --- a/CVE-2023/CVE-2023-60xx/CVE-2023-6075.json +++ b/CVE-2023/CVE-2023-60xx/CVE-2023-6075.json @@ -2,16 +2,40 @@ "id": "CVE-2023-6075", "sourceIdentifier": "cna@vuldb.com", "published": "2023-11-10T15:15:09.567", - "lastModified": "2023-11-13T03:16:20.870", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:57:21.953", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability classified as problematic has been found in PHPGurukul Restaurant Table Booking System 1.0. Affected is an unknown function of the file index.php of the component Reservation Request Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-244944." + }, + { + "lang": "es", + "value": "Una vulnerabilidad ha sido encontrada en PHPGurukul Restaurant Table Booking System 1.0 y clasificada como problem\u00e1tica. Una funci\u00f3n desconocida del archivo index.php del componente Reservation Request Handler es afectada por esta vulnerabilidad. La manipulaci\u00f3n conduce a cross site scripting. Es posible lanzar el ataque de forma remota. El identificador de esta vulnerabilidad es VDB-244944." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,14 +95,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpgurukul:restaurant_table_booking_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "02963BE3-61BC-41D5-82BA-71B773AA8FA0" + } + ] + } + ] + } + ], "references": [ { "url": "https://vuldb.com/?ctiid.244944", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.244944", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-60xx/CVE-2023-6076.json b/CVE-2023/CVE-2023-60xx/CVE-2023-6076.json index b1eef307a0e..6a3a64f3702 100644 --- a/CVE-2023/CVE-2023-60xx/CVE-2023-6076.json +++ b/CVE-2023/CVE-2023-60xx/CVE-2023-6076.json @@ -2,16 +2,40 @@ "id": "CVE-2023-6076", "sourceIdentifier": "cna@vuldb.com", "published": "2023-11-10T16:15:34.067", - "lastModified": "2023-11-13T03:16:20.870", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-16T17:53:03.493", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability classified as problematic was found in PHPGurukul Restaurant Table Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file booking-details.php of the component Reservation Status Handler. The manipulation of the argument bid leads to information disclosure. The attack can be launched remotely. The identifier VDB-244945 was assigned to this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en PHPGurukul Restaurant Table Booking System 1.0 y clasificada como problem\u00e1tica. Una funci\u00f3n desconocida del archivo booking-details.php del componente Reservation Status Handler es afectada por esta vulnerabilidad. La manipulaci\u00f3n de la oferta argumental conduce a la divulgaci\u00f3n de informaci\u00f3n. El ataque se puede lanzar de forma remota. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-244945." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -60,6 +84,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,14 +105,41 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpgurukul:restaurant_table_booking_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "02963BE3-61BC-41D5-82BA-71B773AA8FA0" + } + ] + } + ] + } + ], "references": [ { "url": "https://vuldb.com/?ctiid.244945", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.244945", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-61xx/CVE-2023-6121.json b/CVE-2023/CVE-2023-61xx/CVE-2023-6121.json index ebbe0979d6f..f5cd86155ca 100644 --- a/CVE-2023/CVE-2023-61xx/CVE-2023-6121.json +++ b/CVE-2023/CVE-2023-61xx/CVE-2023-6121.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6121", "sourceIdentifier": "secalert@redhat.com", "published": "2023-11-16T15:15:11.197", - "lastModified": "2023-11-16T15:15:11.197", - "vulnStatus": "Received", + "lastModified": "2023-11-16T17:00:44.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-61xx/CVE-2023-6176.json b/CVE-2023/CVE-2023-61xx/CVE-2023-6176.json new file mode 100644 index 00000000000..60785d24054 --- /dev/null +++ b/CVE-2023/CVE-2023-61xx/CVE-2023-6176.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-6176", + "sourceIdentifier": "secalert@redhat.com", + "published": "2023-11-16T18:15:07.483", + "lastModified": "2023-11-16T18:15:07.483", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configuration, which could allow a local user to crash the system or escalate their privileges on the system." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2023-6176", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219359", + "source": "secalert@redhat.com" + }, + { + "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cfaa80c91f6f99b9342b6557f0f0e1143e434066", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index cee5442d01a..6393db523f1 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-11-16T17:00:18.483123+00:00 +2023-11-16T19:00:18.595128+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-11-16T16:48:28.453000+00:00 +2023-11-16T18:50:42.010000+00:00 ``` ### Last Data Feed Release @@ -29,69 +29,63 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -230949 +230968 ``` ### CVEs added in the last Commit -Recently added CVEs: `29` +Recently added CVEs: `19` -* [CVE-2023-44331](CVE-2023/CVE-2023-443xx/CVE-2023-44331.json) (`2023-11-16T15:15:08.863`) -* [CVE-2023-44332](CVE-2023/CVE-2023-443xx/CVE-2023-44332.json) (`2023-11-16T15:15:09.043`) -* [CVE-2023-44333](CVE-2023/CVE-2023-443xx/CVE-2023-44333.json) (`2023-11-16T15:15:09.237`) -* [CVE-2023-44334](CVE-2023/CVE-2023-443xx/CVE-2023-44334.json) (`2023-11-16T15:15:09.450`) -* [CVE-2023-44335](CVE-2023/CVE-2023-443xx/CVE-2023-44335.json) (`2023-11-16T15:15:09.630`) -* [CVE-2023-47040](CVE-2023/CVE-2023-470xx/CVE-2023-47040.json) (`2023-11-16T15:15:10.120`) -* [CVE-2023-47041](CVE-2023/CVE-2023-470xx/CVE-2023-47041.json) (`2023-11-16T15:15:10.390`) -* [CVE-2023-47042](CVE-2023/CVE-2023-470xx/CVE-2023-47042.json) (`2023-11-16T15:15:10.650`) -* [CVE-2023-47043](CVE-2023/CVE-2023-470xx/CVE-2023-47043.json) (`2023-11-16T15:15:10.830`) -* [CVE-2023-47044](CVE-2023/CVE-2023-470xx/CVE-2023-47044.json) (`2023-11-16T15:15:11.007`) -* [CVE-2023-6121](CVE-2023/CVE-2023-61xx/CVE-2023-6121.json) (`2023-11-16T15:15:11.197`) -* [CVE-2023-26368](CVE-2023/CVE-2023-263xx/CVE-2023-26368.json) (`2023-11-16T16:15:29.547`) -* [CVE-2023-47046](CVE-2023/CVE-2023-470xx/CVE-2023-47046.json) (`2023-11-16T16:15:32.080`) -* [CVE-2023-47047](CVE-2023/CVE-2023-470xx/CVE-2023-47047.json) (`2023-11-16T16:15:32.367`) -* [CVE-2023-47048](CVE-2023/CVE-2023-470xx/CVE-2023-47048.json) (`2023-11-16T16:15:32.783`) -* [CVE-2023-47049](CVE-2023/CVE-2023-470xx/CVE-2023-47049.json) (`2023-11-16T16:15:32.973`) -* [CVE-2023-47050](CVE-2023/CVE-2023-470xx/CVE-2023-47050.json) (`2023-11-16T16:15:33.167`) -* [CVE-2023-47051](CVE-2023/CVE-2023-470xx/CVE-2023-47051.json) (`2023-11-16T16:15:33.370`) -* [CVE-2023-47052](CVE-2023/CVE-2023-470xx/CVE-2023-47052.json) (`2023-11-16T16:15:33.587`) -* [CVE-2023-47053](CVE-2023/CVE-2023-470xx/CVE-2023-47053.json) (`2023-11-16T16:15:33.770`) -* [CVE-2023-47054](CVE-2023/CVE-2023-470xx/CVE-2023-47054.json) (`2023-11-16T16:15:33.957`) -* [CVE-2023-6015](CVE-2023/CVE-2023-60xx/CVE-2023-6015.json) (`2023-11-16T16:15:34.370`) -* [CVE-2023-6016](CVE-2023/CVE-2023-60xx/CVE-2023-6016.json) (`2023-11-16T16:15:34.680`) -* [CVE-2023-6018](CVE-2023/CVE-2023-60xx/CVE-2023-6018.json) (`2023-11-16T16:15:34.880`) -* [CVE-2023-6023](CVE-2023/CVE-2023-60xx/CVE-2023-6023.json) (`2023-11-16T16:15:35.057`) +* [CVE-2023-47055](CVE-2023/CVE-2023-470xx/CVE-2023-47055.json) (`2023-11-16T17:15:07.267`) +* [CVE-2023-47056](CVE-2023/CVE-2023-470xx/CVE-2023-47056.json) (`2023-11-16T17:15:07.510`) +* [CVE-2023-47057](CVE-2023/CVE-2023-470xx/CVE-2023-47057.json) (`2023-11-16T17:15:07.700`) +* [CVE-2023-47058](CVE-2023/CVE-2023-470xx/CVE-2023-47058.json) (`2023-11-16T17:15:07.890`) +* [CVE-2023-47059](CVE-2023/CVE-2023-470xx/CVE-2023-47059.json) (`2023-11-16T17:15:08.080`) +* [CVE-2023-47060](CVE-2023/CVE-2023-470xx/CVE-2023-47060.json) (`2023-11-16T17:15:08.270`) +* [CVE-2023-6013](CVE-2023/CVE-2023-60xx/CVE-2023-6013.json) (`2023-11-16T17:15:08.460`) +* [CVE-2023-6017](CVE-2023/CVE-2023-60xx/CVE-2023-6017.json) (`2023-11-16T17:15:08.643`) +* [CVE-2023-6019](CVE-2023/CVE-2023-60xx/CVE-2023-6019.json) (`2023-11-16T17:15:08.830`) +* [CVE-2023-6021](CVE-2023/CVE-2023-60xx/CVE-2023-6021.json) (`2023-11-16T17:15:09.020`) +* [CVE-2023-6022](CVE-2023/CVE-2023-60xx/CVE-2023-6022.json) (`2023-11-16T17:15:09.200`) +* [CVE-2023-6038](CVE-2023/CVE-2023-60xx/CVE-2023-6038.json) (`2023-11-16T17:15:09.373`) +* [CVE-2023-47514](CVE-2023/CVE-2023-475xx/CVE-2023-47514.json) (`2023-11-16T18:15:07.060`) +* [CVE-2023-48052](CVE-2023/CVE-2023-480xx/CVE-2023-48052.json) (`2023-11-16T18:15:07.250`) +* [CVE-2023-48053](CVE-2023/CVE-2023-480xx/CVE-2023-48053.json) (`2023-11-16T18:15:07.297`) +* [CVE-2023-48054](CVE-2023/CVE-2023-480xx/CVE-2023-48054.json) (`2023-11-16T18:15:07.343`) +* [CVE-2023-48055](CVE-2023/CVE-2023-480xx/CVE-2023-48055.json) (`2023-11-16T18:15:07.390`) +* [CVE-2023-48056](CVE-2023/CVE-2023-480xx/CVE-2023-48056.json) (`2023-11-16T18:15:07.440`) +* [CVE-2023-6176](CVE-2023/CVE-2023-61xx/CVE-2023-6176.json) (`2023-11-16T18:15:07.483`) ### CVEs modified in the last Commit -Recently modified CVEs: `48` +Recently modified CVEs: `96` -* [CVE-2023-38552](CVE-2023/CVE-2023-385xx/CVE-2023-38552.json) (`2023-11-16T16:15:30.800`) -* [CVE-2023-38719](CVE-2023/CVE-2023-387xx/CVE-2023-38719.json) (`2023-11-16T16:15:30.990`) -* [CVE-2023-38720](CVE-2023/CVE-2023-387xx/CVE-2023-38720.json) (`2023-11-16T16:15:31.103`) -* [CVE-2023-38728](CVE-2023/CVE-2023-387xx/CVE-2023-38728.json) (`2023-11-16T16:15:31.207`) -* [CVE-2023-38740](CVE-2023/CVE-2023-387xx/CVE-2023-38740.json) (`2023-11-16T16:15:31.320`) -* [CVE-2023-39331](CVE-2023/CVE-2023-393xx/CVE-2023-39331.json) (`2023-11-16T16:15:31.433`) -* [CVE-2023-39332](CVE-2023/CVE-2023-393xx/CVE-2023-39332.json) (`2023-11-16T16:15:31.510`) -* [CVE-2023-40372](CVE-2023/CVE-2023-403xx/CVE-2023-40372.json) (`2023-11-16T16:15:31.580`) -* [CVE-2023-40373](CVE-2023/CVE-2023-403xx/CVE-2023-40373.json) (`2023-11-16T16:15:31.730`) -* [CVE-2023-40374](CVE-2023/CVE-2023-403xx/CVE-2023-40374.json) (`2023-11-16T16:15:31.900`) -* [CVE-2023-44466](CVE-2023/CVE-2023-444xx/CVE-2023-44466.json) (`2023-11-16T16:15:31.993`) -* [CVE-2023-4527](CVE-2023/CVE-2023-45xx/CVE-2023-4527.json) (`2023-11-16T16:15:34.163`) -* [CVE-2023-46382](CVE-2023/CVE-2023-463xx/CVE-2023-46382.json) (`2023-11-16T16:15:45.477`) -* [CVE-2023-46001](CVE-2023/CVE-2023-460xx/CVE-2023-46001.json) (`2023-11-16T16:17:08.710`) -* [CVE-2023-3282](CVE-2023/CVE-2023-32xx/CVE-2023-3282.json) (`2023-11-16T16:26:39.977`) -* [CVE-2023-47616](CVE-2023/CVE-2023-476xx/CVE-2023-47616.json) (`2023-11-16T16:33:29.880`) -* [CVE-2023-47615](CVE-2023/CVE-2023-476xx/CVE-2023-47615.json) (`2023-11-16T16:38:38.310`) -* [CVE-2023-47612](CVE-2023/CVE-2023-476xx/CVE-2023-47612.json) (`2023-11-16T16:39:34.940`) -* [CVE-2023-47613](CVE-2023/CVE-2023-476xx/CVE-2023-47613.json) (`2023-11-16T16:39:43.860`) -* [CVE-2023-47489](CVE-2023/CVE-2023-474xx/CVE-2023-47489.json) (`2023-11-16T16:39:53.067`) -* [CVE-2023-47488](CVE-2023/CVE-2023-474xx/CVE-2023-47488.json) (`2023-11-16T16:42:19.467`) -* [CVE-2023-20902](CVE-2023/CVE-2023-209xx/CVE-2023-20902.json) (`2023-11-16T16:43:24.420`) -* [CVE-2023-37790](CVE-2023/CVE-2023-377xx/CVE-2023-37790.json) (`2023-11-16T16:44:00.420`) -* [CVE-2023-37533](CVE-2023/CVE-2023-375xx/CVE-2023-37533.json) (`2023-11-16T16:44:55.610`) -* [CVE-2023-5760](CVE-2023/CVE-2023-57xx/CVE-2023-5760.json) (`2023-11-16T16:48:28.453`) +* [CVE-2023-31077](CVE-2023/CVE-2023-310xx/CVE-2023-31077.json) (`2023-11-16T17:54:55.783`) +* [CVE-2023-41284](CVE-2023/CVE-2023-412xx/CVE-2023-41284.json) (`2023-11-16T17:56:51.333`) +* [CVE-2023-39295](CVE-2023/CVE-2023-392xx/CVE-2023-39295.json) (`2023-11-16T17:57:01.447`) +* [CVE-2023-6075](CVE-2023/CVE-2023-60xx/CVE-2023-6075.json) (`2023-11-16T17:57:21.953`) +* [CVE-2023-47164](CVE-2023/CVE-2023-471xx/CVE-2023-47164.json) (`2023-11-16T17:57:24.673`) +* [CVE-2023-6074](CVE-2023/CVE-2023-60xx/CVE-2023-6074.json) (`2023-11-16T17:57:42.757`) +* [CVE-2023-6039](CVE-2023/CVE-2023-60xx/CVE-2023-6039.json) (`2023-11-16T17:59:48.420`) +* [CVE-2023-5078](CVE-2023/CVE-2023-50xx/CVE-2023-5078.json) (`2023-11-16T18:01:15.060`) +* [CVE-2023-5075](CVE-2023/CVE-2023-50xx/CVE-2023-5075.json) (`2023-11-16T18:01:47.087`) +* [CVE-2023-4891](CVE-2023/CVE-2023-48xx/CVE-2023-4891.json) (`2023-11-16T18:01:59.767`) +* [CVE-2023-6052](CVE-2023/CVE-2023-60xx/CVE-2023-6052.json) (`2023-11-16T18:04:08.497`) +* [CVE-2023-6053](CVE-2023/CVE-2023-60xx/CVE-2023-6053.json) (`2023-11-16T18:04:27.793`) +* [CVE-2023-45078](CVE-2023/CVE-2023-450xx/CVE-2023-45078.json) (`2023-11-16T18:04:56.023`) +* [CVE-2023-45077](CVE-2023/CVE-2023-450xx/CVE-2023-45077.json) (`2023-11-16T18:05:16.667`) +* [CVE-2023-41285](CVE-2023/CVE-2023-412xx/CVE-2023-41285.json) (`2023-11-16T18:09:49.707`) +* [CVE-2023-35877](CVE-2023/CVE-2023-358xx/CVE-2023-35877.json) (`2023-11-16T18:14:43.550`) +* [CVE-2023-47127](CVE-2023/CVE-2023-471xx/CVE-2023-47127.json) (`2023-11-16T18:15:06.943`) +* [CVE-2023-46201](CVE-2023/CVE-2023-462xx/CVE-2023-46201.json) (`2023-11-16T18:15:29.130`) +* [CVE-2023-47652](CVE-2023/CVE-2023-476xx/CVE-2023-47652.json) (`2023-11-16T18:15:46.740`) +* [CVE-2023-47516](CVE-2023/CVE-2023-475xx/CVE-2023-47516.json) (`2023-11-16T18:16:05.383`) +* [CVE-2023-46634](CVE-2023/CVE-2023-466xx/CVE-2023-46634.json) (`2023-11-16T18:16:13.293`) +* [CVE-2023-47163](CVE-2023/CVE-2023-471xx/CVE-2023-47163.json) (`2023-11-16T18:16:27.767`) +* [CVE-2023-5539](CVE-2023/CVE-2023-55xx/CVE-2023-5539.json) (`2023-11-16T18:17:35.113`) +* [CVE-2023-32966](CVE-2023/CVE-2023-329xx/CVE-2023-32966.json) (`2023-11-16T18:19:15.237`) +* [CVE-2023-45140](CVE-2023/CVE-2023-451xx/CVE-2023-45140.json) (`2023-11-16T18:50:42.010`) ## Download and Usage