Auto-Update: 2024-09-22T14:00:16.802267+00:00

2025-05-08 11:37:26 +00:00 · 2024-09-22 14:03:16 +00:00 · 2024-09-22 14:03:16 +00:00 · 23631b33d2
commit 23631b33d2
parent f2cd02fd46
3 changed files with 70 additions and 12 deletions
--- a/CVE-2024/CVE-2024-407xx/CVE-2024-40703.json
+++ b/CVE-2024/CVE-2024-407xx/CVE-2024-40703.json
@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-40703",
+  "sourceIdentifier": "psirt@us.ibm.com",
+  "published": "2024-09-22T13:15:10.960",
+  "lastModified": "2024-09-22T13:15:10.960",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and IBM Cognos Analytics Reports for iOS 11.0.0.7 could allow a local attacker to obtain sensitive information in the form of an API key.  An attacker could use this information to launch further attacks against affected applications."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "psirt@us.ibm.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 5.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.8,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "psirt@us.ibm.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-522"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.ibm.com/support/pages/node/7160700",
+      "source": "psirt@us.ibm.com"
+    },
+    {
+      "url": "https://www.ibm.com/support/pages/node/7168038",
+      "source": "psirt@us.ibm.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-09-22T10:00:18.175290+00:00
+2024-09-22T14:00:16.802267+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-09-22T09:15:03.047000+00:00
+2024-09-22T13:15:10.960000+00:00
 ```

 ### Last Data Feed Release
@ -33,17 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-263542
+263543
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `4`
+Recently added CVEs: `1`

- [CVE-2024-9082](CVE-2024/CVE-2024-90xx/CVE-2024-9082.json) (`2024-09-22T08:15:02.077`)
- [CVE-2024-9083](CVE-2024/CVE-2024-90xx/CVE-2024-9083.json) (`2024-09-22T09:15:02.520`)
- [CVE-2024-9084](CVE-2024/CVE-2024-90xx/CVE-2024-9084.json) (`2024-09-22T09:15:03.047`)
- [CVE-2024-9085](CVE-2024/CVE-2024-90xx/CVE-2024-9085.json) (`2024-09-22T08:15:02.393`)
+- [CVE-2024-40703](CVE-2024/CVE-2024-407xx/CVE-2024-40703.json) (`2024-09-22T13:15:10.960`)


 ### CVEs modified in the last Commit
--- a/_state.csv
+++ b/_state.csv
@ -257279,6 +257279,7 @@ CVE-2024-4069,0,0,fc5a2986d6746eec6d2dc8871a19fd31bd3dae122b27ac5ac325372fce08ed
 CVE-2024-40690,0,0,90531c3f5bf2655a59eec8750bd49d0d616cedd303a52fde5af4cabda07abfea,2024-09-10T16:16:41.940000
 CVE-2024-40697,0,0,f856503bb71a9cc35c4f2b21ad4463650d9c9dc59f1e2e3c8f1061ecb691990a,2024-08-22T13:27:20.743000
 CVE-2024-4070,0,0,f50441c69b27e00682c793729b411e41b0ab8839510e28fbeccbd72a35bcaeb5,2024-06-04T19:20:29.567000
+CVE-2024-40703,1,1,1e4030df18c5f03a1741d9ae75e328b962242238c8781437cb3beb4bd9144177,2024-09-22T13:15:10.960000
 CVE-2024-40704,0,0,3edc9bce3fb2efa51a5394090ae34392088b6a2e45c2b3fd2dca38dfa067bb31,2024-08-15T20:03:13.530000
 CVE-2024-40705,0,0,eaf406061f744f9b9d1df77f0e2bd923d25751eaa5d5e839a69fa1e668b20b9c,2024-08-15T19:57:34.780000
 CVE-2024-40709,0,0,b9cade7c7de2b7d37190896234716fcd464e3b6f075536b64a6ecace1ca81e79,2024-09-09T15:35:08.283000
@ -263537,7 +263538,7 @@ CVE-2024-9078,0,0,1a5052f06cdc7d4acc0bf95bc2ad4d974e2a303784c7fd29b6a8cae51edf44
 CVE-2024-9079,0,0,e76a3ae4a8abec7c1a01dec5d7ec9c97a51740506a77b6c83c77ca1c5a4b57ea,2024-09-22T05:15:11.710000
 CVE-2024-9080,0,0,b19946dfe8254d1ef6f942e6b2629c2578c2527b473394e1556153bb30fc2436,2024-09-22T07:15:10.607000
 CVE-2024-9081,0,0,83d64789c2f84e0d8ffe5455ad72010c960463abb0acee3360d27d5e18a8b875,2024-09-22T07:15:11.073000
-CVE-2024-9082,1,1,8c51ec3aa7c134f0a037ba432a719b3b9580e08290aa961bcc251a391e217310,2024-09-22T08:15:02.077000
-CVE-2024-9083,1,1,720ca5fe35d1d7daa80787597ec3ebb478418f6cedb268aed929720423b1d17f,2024-09-22T09:15:02.520000
-CVE-2024-9084,1,1,504c9de5ef5f6bc61c459eb4079f090a8e3c9935178f338f671194de063a4263,2024-09-22T09:15:03.047000
-CVE-2024-9085,1,1,81aa0dfb4f5019831f841378181f944eb206bbbc088679eae52e76ba4cb4ec33,2024-09-22T08:15:02.393000
+CVE-2024-9082,0,0,8c51ec3aa7c134f0a037ba432a719b3b9580e08290aa961bcc251a391e217310,2024-09-22T08:15:02.077000
+CVE-2024-9083,0,0,720ca5fe35d1d7daa80787597ec3ebb478418f6cedb268aed929720423b1d17f,2024-09-22T09:15:02.520000
+CVE-2024-9084,0,0,504c9de5ef5f6bc61c459eb4079f090a8e3c9935178f338f671194de063a4263,2024-09-22T09:15:03.047000
+CVE-2024-9085,0,0,81aa0dfb4f5019831f841378181f944eb206bbbc088679eae52e76ba4cb4ec33,2024-09-22T08:15:02.393000