admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 19:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-07-18T20:00:27.911740+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-07-18 20:00:31 +00:00
parent 15bf523e08
commit 30bc2624c2
126 changed files with 10416 additions and 477 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
CVE-2020/CVE-2020-221xx/CVE-2020-22159.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2020-22159",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-18T18:15:11.503",
"lastModified": "2023-07-18T18:24:48.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "EVERTZ devices 3080IPX exe-guest-v1.2-r26125, 7801FC 1.3 Build 27, and 7890IXG V494 are vulnerable to Arbitrary File Upload, allowing an authenticated attacker to upload a webshell or overwrite any critical system files."
}
],
"metrics": {},
"references": [
{
"url": "https://cacharros-inthewild.blogspot.com/2023/07/the-3080ipx-is-integrated-multicast.html",
"source": "cve@mitre.org"
},
{
"url": "https://sku11army.blogspot.com/2020/02/evertz-path-transversal-arbitrary-file.html",
"source": "cve@mitre.org"
}
]
}

4
CVE-2020/CVE-2020-367xx/CVE-2020-36762.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-36762",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-18T15:15:11.133",
"lastModified": "2023-07-18T15:15:11.133",
"vulnStatus": "Received",
"lastModified": "2023-07-18T17:33:48.187",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

24
CVE-2021/CVE-2021-375xx/CVE-2021-37522.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2021-37522",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-18T18:15:11.590",
"lastModified": "2023-07-18T18:24:48.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in HKing2802 Locke-Bot 2.0.2 allows remote attackers to run arbitrary SQL commands via crafted string to /src/db.js, /commands/mute.js, /modules/event/messageDelete.js."
}
],
"metrics": {},
"references": [
{
"url": "https://cinquito.github.io/jekyll/update/2021/10/17/discord_bot_sqli.html",
"source": "cve@mitre.org"
},
{
"url": "https://gist.github.com/0xHornet/9789d70454a47764b611afc8e84d6c0d",
"source": "cve@mitre.org"
}
]
}

67
CVE-2021/CVE-2021-44xx/CVE-2021-4410.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4410",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T04:15:10.667",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:40:06.717",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,42 +46,87 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qtranslate_slug_project:qtranslate_slug:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1.18",
"matchCriteriaId": "203C24EE-0502-46A4-A8E9-DAAE5079F435"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/qtranslate-slug/trunk/includes/class-qtranslate-slug.php#L2099",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9d682596-c32d-4abd-ba39-b57fc45c9ce0?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

72
CVE-2021/CVE-2021-44xx/CVE-2021-4411.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4411",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T04:15:10.767",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:39:57.390",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,46 +46,94 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpeasypay:wp_easypay:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.2.0",
"matchCriteriaId": "AA8D2AA0-149C-479F-B518-81349B90C6BE"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/wp-easy-pay/trunk/wpep_setup.php?rev=2426641#L219",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2551919%40wp-easy-pay&new=2551919%40wp-easy-pay&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a1fbb3a6-fcc2-47c5-a086-331e69292add?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2021/CVE-2021-44xx/CVE-2021-4412.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4412",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T04:15:10.880",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:39:43.357",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,42 +46,87 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:goprayer:wp_prayer:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.6.5",
"matchCriteriaId": "A19EAFC7-FE0F-442F-A974-F948D4257DA4"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2543740%40wp-prayer&new=2543740%40wp-prayer&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a7efbdb1-989f-4171-ab55-aff66014337a?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

89
CVE-2021/CVE-2021-44xx/CVE-2021-4413.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4413",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T04:15:11.003",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:39:34.530",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,7 +13,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -31,6 +31,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
@ -46,42 +66,87 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:coolplugins:process_steps_template_designer:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2.1",
"matchCriteriaId": "B388BF29-BCA3-4E89-97D5-DDF138ADBB2B"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2473649%40process-steps-template-designer&new=2473649%40process-steps-template-designer&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a98f6a68-5863-4147-86c4-8c19af469be3?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

71
CVE-2021/CVE-2021-44xx/CVE-2021-4414.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2021-4414",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T04:15:11.117",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:39:08.230",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.8.5. This is due to missing or incorrect nonce validation on the wcal_preview_emails() function. This makes it possible for unauthenticated attackers to generate email preview templates via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
},
{
"lang": "es",
"value": "El plugin Abandoned Cart Lite for WooCommerce para WordPress es vulnerable a ataques de tipo Cross-Site Request Forgery en versiones hasta la 5.8.5 inclusive. Esto es debido a la falta o incorrecta validaci\u00f3n nonce en la funci\u00f3n \"wcal_preview_emails()\". Esto hace posible que los atacantes no autenticados generen plantillas de vista previa de correo electr\u00f3nico a trav\u00e9s de una solicitud manipulada concedida y puedan enga\u00f1ar a un administrador del sitio para realizar una acci\u00f3n como hacer clic en un enlace. "
}
],
"metrics": {
@ -46,42 +50,87 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tychesoftwares:abandoned_cart_lite_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "5.8.5",
"matchCriteriaId": "91AF5A02-5872-44B5-9A8D-380AB98674EF"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2473720/woocommerce-abandoned-cart/trunk/woocommerce-ac.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ab5d87d2-f3cb-4926-9cbf-acdbe9169f64?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

96
CVE-2021/CVE-2021-44xx/CVE-2021-4428.json Normal file
View File

@ -0,0 +1,96 @@
{
"id": "CVE-2021-4428",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-18T17:15:11.140",
"lastModified": "2023-07-18T17:33:48.187",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in what3words Autosuggest Plugin up to 4.0.0 on WordPress and classified as problematic. Affected by this vulnerability is the function enqueue_scripts of the file w3w-autosuggest/public/class-w3w-autosuggest-public.php of the component Setting Handler. The manipulation leads to information disclosure. The attack can be launched remotely. Upgrading to version 4.0.1 is able to address this issue. The patch is named dd59cbac5f86057d6a73b87007c08b8bfa0c32ac. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-234247."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.4,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://github.com/what3words/wordpress-autosuggest-plugin/commit/dd59cbac5f86057d6a73b87007c08b8bfa0c32ac",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/what3words/wordpress-autosuggest-plugin/pull/20",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/what3words/wordpress-autosuggest-plugin/releases/tag/v4.0.1",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.234247",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.234247",
"source": "cna@vuldb.com"
}
]
}

94
CVE-2022/CVE-2022-223xx/CVE-2022-22302.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-22302",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2023-07-11T09:15:09.073",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T16:25:58.297",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
},
{
"source": "psirt@fortinet.com",
"type": "Secondary",
@ -34,10 +54,78 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-312"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiauthenticator:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndIncluding": "6.0.4",
"matchCriteriaId": "47A3EAE7-BA29-4267-BF88-61ACA9F40AC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiauthenticator:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C30DF6A-2839-4B19-AF75-2A5BD82CB0BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiauthenticator:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8BCCE874-8B7F-4A4A-9A28-C32280E77708"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndIncluding": "6.0.13",
"matchCriteriaId": "A6EF01D9-50FB-4300-87FB-132649A9AC51"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.0",
"versionEndIncluding": "6.2.9",
"matchCriteriaId": "C4C0308D-8E52-456B-BFC2-62D4C1E9BDC3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6E45EB-4C8C-4777-9200-08B14595A3A7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D114536-7169-4814-B011-570E3AD86A3D"
}
]
}
]
}
],
"references": [
{
"url": "https://fortiguard.com/psirt/FG-IR-20-014",
"source": "psirt@fortinet.com"
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
]
}
]
}

349
CVE-2022/CVE-2022-295xx/CVE-2022-29561.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-29561",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-07-11T10:15:09.970",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T16:05:58.730",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,323 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "B70C9A14-F31D-452F-8F7E-368E1ED7165C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD1B18F-9C37-48CC-92E2-9C5E66B206CB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000re_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "C095D9B0-79A3-44A7-9683-B8DEF689D65F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38734DFA-A5DF-4284-BD79-7C0ED6CD8A5C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "3A0D1757-6A48-4C53-877A-947CDDD67793"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12BD4008-DB6A-4749-A426-D2DE44819A9D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "957788AA-B685-42B6-8BE9-B61D20B68144"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E79B422-C844-411C-AA49-CFD73D3C6E2D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "02E80465-DCD4-4CEB-AB5C-DFD86A5DB2E8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53AAEC5C-06EE-4C58-A981-EBF5860CEF16"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "BEC2AF9C-52CA-48FF-A4CD-C042EF225000"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0751225A-6E9C-4281-93A4-A048920FF7C6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "D0889DDD-C18A-4605-907C-0AAC4362FC94"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C1E56ED-1E61-4B7E-8EC0-BB2AAD57EF7B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "FA09F789-1903-4487-A108-684EA9423F32"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41ADD701-AD49-46B2-A12E-219CCED32298"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1524_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "76CF386C-0665-401C-9E5F-D3A89E6C2847"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C70D90-E8FA-4343-9027-152A99D79C82"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1536_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "A813AC2B-2F29-45D7-AB27-657A36399F80"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1536:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1775F3B-6F47-4134-8B4E-CF6337FF546C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "6AF925B2-B147-4CB0-8789-D68C38135BEE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E0E33F2-E89B-4008-BED2-CF2296801078"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
}
]
}

349
CVE-2022/CVE-2022-295xx/CVE-2022-29562.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-29562",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-07-11T10:15:10.043",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T16:16:33.860",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,323 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "B70C9A14-F31D-452F-8F7E-368E1ED7165C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD1B18F-9C37-48CC-92E2-9C5E66B206CB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000re_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "C095D9B0-79A3-44A7-9683-B8DEF689D65F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38734DFA-A5DF-4284-BD79-7C0ED6CD8A5C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "3A0D1757-6A48-4C53-877A-947CDDD67793"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12BD4008-DB6A-4749-A426-D2DE44819A9D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "957788AA-B685-42B6-8BE9-B61D20B68144"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E79B422-C844-411C-AA49-CFD73D3C6E2D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "02E80465-DCD4-4CEB-AB5C-DFD86A5DB2E8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53AAEC5C-06EE-4C58-A981-EBF5860CEF16"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "BEC2AF9C-52CA-48FF-A4CD-C042EF225000"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0751225A-6E9C-4281-93A4-A048920FF7C6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "D0889DDD-C18A-4605-907C-0AAC4362FC94"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C1E56ED-1E61-4B7E-8EC0-BB2AAD57EF7B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "FA09F789-1903-4487-A108-684EA9423F32"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41ADD701-AD49-46B2-A12E-219CCED32298"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1524_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "76CF386C-0665-401C-9E5F-D3A89E6C2847"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C70D90-E8FA-4343-9027-152A99D79C82"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1536_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "A813AC2B-2F29-45D7-AB27-657A36399F80"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1536:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1775F3B-6F47-4134-8B4E-CF6337FF546C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "6AF925B2-B147-4CB0-8789-D68C38135BEE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E0E33F2-E89B-4008-BED2-CF2296801078"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
}
]
}

14
CVE-2022/CVE-2022-458xx/CVE-2022-45868.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-45868",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-23T21:15:11.360",
"lastModified": "2022-11-30T20:46:33.020",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-18T18:15:11.680",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The web-based admin console in H2 Database Engine through 2.1.214 can be started via the CLI with the argument -webAdminPassword, which allows the user to specify the password in cleartext for the web admin console. Consequently, a local user (or an attacker that has obtained local access through some means) would be able to discover the password by listing processes and their arguments. NOTE: the vendor states \"This is not a vulnerability of H2 Console ... Passwords should never be passed on the command line and every qualified DBA or system administrator is expected to know that.\""
"value": "** DISPUTED ** The web-based admin console in H2 Database Engine through 2.1.214 can be started via the CLI with the argument -webAdminPassword, which allows the user to specify the password in cleartext for the web admin console. Consequently, a local user (or an attacker that has obtained local access through some means) would be able to discover the password by listing processes and their arguments. NOTE: the vendor states \"This is not a vulnerability of H2 Console ... Passwords should never be passed on the command line and every qualified DBA or system administrator is expected to know that.\""
}
],
"metrics": {
@ -85,6 +85,10 @@
}
],
"references": [
{
"url": "https://github.com/advisories/GHSA-22wj-vf5f-wrvj",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/h2database/h2database/blob/96832bf5a97cdc0adc1f2066ed61c54990d66ab5/h2/src/main/org/h2/server/web/WebServer.java#L346-L347",
"source": "cve@mitre.org",
@ -92,6 +96,10 @@
"Third Party Advisory"
]
},
{
"url": "https://github.com/h2database/h2database/issues/3686",
"source": "cve@mitre.org"
},
{
"url": "https://sites.google.com/sonatype.com/vulnerabilities/sonatype-2022-6243",
"source": "cve@mitre.org",

4
CVE-2022/CVE-2022-474xx/CVE-2022-47421.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47421",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-18T15:15:11.363",
"lastModified": "2023-07-18T15:15:11.363",
"vulnStatus": "Received",
"lastModified": "2023-07-18T17:33:48.187",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

20
CVE-2022/CVE-2022-47xx/CVE-2022-4734.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-4734",
"sourceIdentifier": "security@huntr.dev",
"published": "2022-12-27T15:15:12.767",
"lastModified": "2023-07-17T15:11:50.203",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-18T16:15:11.283",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository usememos/memos prior to 0.9.1."
"value": "Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository usememos/memos prior to 0.9.1.\n\n"
}
],
"metrics": {
@ -31,15 +31,13 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV30": [
},
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
@ -58,7 +56,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
@ -68,12 +66,12 @@
]
},
{
"source": "security@huntr.dev",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
"value": "CWE-212"
}
]
}

20
CVE-2022/CVE-2022-48xx/CVE-2022-4811.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-4811",
"sourceIdentifier": "security@huntr.dev",
"published": "2022-12-28T14:15:11.363",
"lastModified": "2023-07-17T15:10:30.823",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-18T16:15:11.463",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Incorrect Authorization in GitHub repository usememos/memos prior to 0.9.1."
"value": "Authorization Bypass Through User-Controlled Key vulnerability in usememos usememos/memos.This issue affects usememos/memos before 0.9.1.\n\n"
}
],
"metrics": {
@ -31,15 +31,13 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
],
"cvssMetricV30": [
},
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
@ -58,7 +56,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
@ -68,12 +66,12 @@
]
},
{
"source": "security@huntr.dev",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
"value": "CWE-639"
}
]
}

55
CVE-2023/CVE-2023-01xx/CVE-2023-0160.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-0160",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-18T17:15:11.313",
"lastModified": "2023-07-18T17:33:48.187",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A deadlock flaw was found in the Linux kernel\u2019s BPF subsystem. This flaw allows a local user to potentially crash the system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-0160",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2159764",
"source": "secalert@redhat.com"
},
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ed17aa92dc56",
"source": "secalert@redhat.com"
},
{
"url": "https://lore.kernel.org/all/CABcoxUayum5oOqFMMqAeWuS8+EzojquSOSyDA3J_2omY=2EeAg@mail.gmail.com/",
"source": "secalert@redhat.com"
}
]
}

213
CVE-2023/CVE-2023-201xx/CVE-2023-20133.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20133",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-07-07T20:15:09.887",
"lastModified": "2023-07-08T10:25:54.183",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T17:59:56.783",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -34,10 +54,197 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:39.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4F3FA883-F14A-424A-8CEA-E7B140311B88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:39.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D1A28A13-3554-4951-9BC6-D57E68672648"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:39.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8A9F521F-5D30-4DE7-A308-D1EC7F17C5FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:39.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DA6A48E8-0B18-49F7-9869-A493F356778E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:39.8:*:*:*:*:*:*:*",
"matchCriteriaId": "25230DAE-8870-4D37-A61A-E352C1B3D745"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:39.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3875C388-7B83-451C-8F37-609A414B847E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:39.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "17D2A6BB-43D5-4907-BA8E-0EFC5C45A8E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:39.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "43E36526-AD0B-4020-86B5-0681D6D4A845"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:39.9:*:*:*:*:*:*:*",
"matchCriteriaId": "787AA492-5044-4A98-BA14-DE1D2DB09435"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:39.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D1752401-15DE-42A1-B7A1-F6C82DAEE1A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:39.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A89D03AD-C0CB-48B9-9B17-C4397F7BCC6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:39.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2DD47BA5-5DA9-4C0E-BE96-F1E94E444DE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:40.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69A90D5E-EA48-4738-BE1B-78FBDAD33017"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:40.2:*:*:*:*:*:*:*",
"matchCriteriaId": "94E66A90-D684-4185-8C28-727B62AFB39D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:40.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0082B39D-BC0E-4716-8332-A04EA6BBBDD8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:40.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "F82C6242-BCD3-43C1-8B1D-4044C4263050"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:40.6:*:*:*:*:*:*:*",
"matchCriteriaId": "982C57A9-231E-4CB2-80A8-19A2DF951615"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:40.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11176259-0359-416D-A22D-DEBEBE755FE9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:42.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC9FB403-FD08-48CE-AEEA-D39485CAF64A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "95C51BA7-857E-46CF-A9F1-6FAF354256AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:42.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8D521C27-9DC7-455F-846B-BBCBF91E40BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:42.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E556DE9F-C369-4A0C-94D9-5F5A83BFF8D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:42.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6AC385C8-8E95-461F-AC9D-926BF24C2D7F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:42.11:*:*:*:*:*:*:*",
"matchCriteriaId": "47ED4961-CECA-42FF-8257-DBFA66816169"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:42.12:*:*:*:*:*:*:*",
"matchCriteriaId": "D9B88FEF-4A6B-4F71-92BC-2F3835ADAD6D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:43.1:*:*:*:*:*:*:*",
"matchCriteriaId": "178264BF-4E16-49CA-A3C3-CAF3ABA2B0A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:43.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7F9D8F48-4890-4A8F-A31C-82534C30CDDC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:43.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C26630BE-8CB9-4580-87C5-0F8D9381B574"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:43.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0477334B-2179-4F7C-A562-7CF62FB15188"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:43.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "68570B19-32BB-441C-9C00-C1A839CBD985"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:43.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "55BD3A1F-9453-40EE-B155-8182BA49C1CB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:43.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0FE1DED-33FB-4118-80E7-86D4641C7E61"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sxsscsrf-2L24bBx6",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

213
CVE-2023/CVE-2023-201xx/CVE-2023-20180.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20180",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-07-07T20:15:09.943",
"lastModified": "2023-07-08T10:25:54.183",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:03:37.003",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -34,10 +54,197 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:39.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4F3FA883-F14A-424A-8CEA-E7B140311B88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:39.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D1A28A13-3554-4951-9BC6-D57E68672648"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:39.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8A9F521F-5D30-4DE7-A308-D1EC7F17C5FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:39.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DA6A48E8-0B18-49F7-9869-A493F356778E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:39.8:*:*:*:*:*:*:*",
"matchCriteriaId": "25230DAE-8870-4D37-A61A-E352C1B3D745"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:39.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3875C388-7B83-451C-8F37-609A414B847E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:39.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "17D2A6BB-43D5-4907-BA8E-0EFC5C45A8E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:39.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "43E36526-AD0B-4020-86B5-0681D6D4A845"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:39.9:*:*:*:*:*:*:*",
"matchCriteriaId": "787AA492-5044-4A98-BA14-DE1D2DB09435"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:39.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D1752401-15DE-42A1-B7A1-F6C82DAEE1A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:39.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A89D03AD-C0CB-48B9-9B17-C4397F7BCC6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:39.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2DD47BA5-5DA9-4C0E-BE96-F1E94E444DE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:40.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69A90D5E-EA48-4738-BE1B-78FBDAD33017"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:40.2:*:*:*:*:*:*:*",
"matchCriteriaId": "94E66A90-D684-4185-8C28-727B62AFB39D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:40.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0082B39D-BC0E-4716-8332-A04EA6BBBDD8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:40.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "F82C6242-BCD3-43C1-8B1D-4044C4263050"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:40.6:*:*:*:*:*:*:*",
"matchCriteriaId": "982C57A9-231E-4CB2-80A8-19A2DF951615"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:40.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11176259-0359-416D-A22D-DEBEBE755FE9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:42.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC9FB403-FD08-48CE-AEEA-D39485CAF64A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "95C51BA7-857E-46CF-A9F1-6FAF354256AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:42.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8D521C27-9DC7-455F-846B-BBCBF91E40BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:42.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E556DE9F-C369-4A0C-94D9-5F5A83BFF8D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:42.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6AC385C8-8E95-461F-AC9D-926BF24C2D7F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:42.11:*:*:*:*:*:*:*",
"matchCriteriaId": "47ED4961-CECA-42FF-8257-DBFA66816169"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:42.12:*:*:*:*:*:*:*",
"matchCriteriaId": "D9B88FEF-4A6B-4F71-92BC-2F3835ADAD6D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:43.1:*:*:*:*:*:*:*",
"matchCriteriaId": "178264BF-4E16-49CA-A3C3-CAF3ABA2B0A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:43.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7F9D8F48-4890-4A8F-A31C-82534C30CDDC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:43.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C26630BE-8CB9-4580-87C5-0F8D9381B574"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:43.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0477334B-2179-4F7C-A562-7CF62FB15188"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:43.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "68570B19-32BB-441C-9C00-C1A839CBD985"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:43.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "55BD3A1F-9453-40EE-B155-8182BA49C1CB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:webex_meetings:43.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0FE1DED-33FB-4118-80E7-86D4641C7E61"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sxsscsrf-2L24bBx6",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-20xx/CVE-2023-2078.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2078",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-11T03:15:09.227",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:55:55.483",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -50,22 +70,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:buymeacoffee:buy_me_a_coffee:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.8",
"matchCriteriaId": "8FB9059F-EE95-42C3-BC6E-8C8266C74856"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/buymeacoffee/trunk/admin/class-buy-me-a-coffee-admin.php?rev=2816542",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/buymeacoffee/trunk/includes/class-buy-me-a-coffee.php?rev=2319979#L162",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2935565%40buymeacoffee&new=2935565%40buymeacoffee&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c1c218c6-1599-4dc9-846f-e0ef74821488?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-20xx/CVE-2023-2079.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2079",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-11T03:15:09.310",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:56:25.230",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
@ -50,22 +70,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:buymeacoffee:buy_me_a_coffee:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.8",
"matchCriteriaId": "8FB9059F-EE95-42C3-BC6E-8C8266C74856"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/buymeacoffee/trunk/admin/class-buy-me-a-coffee-admin.php?rev=2816542",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/buymeacoffee/trunk/includes/class-buy-me-a-coffee.php?rev=2319979#L162",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2935565%40buymeacoffee&new=2935565%40buymeacoffee&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6309258e-e4fc-4edf-a771-2d82a9a85a5c?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-228xx/CVE-2023-22835.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22835",
"sourceIdentifier": "cve-coordination@palantir.com",
"published": "2023-07-10T21:15:10.540",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T19:06:22.630",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0
},
{
"source": "cve-coordination@palantir.com",
"type": "Secondary",
@ -34,10 +54,49 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:palantir:foundry_frontend:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.228.0",
"matchCriteriaId": "3B2BF858-2C37-4778-B132-E4A9DADBCFD6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:palantir:foundry_issues:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.510.0",
"matchCriteriaId": "F9980734-2C13-41CD-A88A-D1EFCEDC73BD"
}
]
}
]
}
],
"references": [
{
"url": "https://palantir.safebase.us/?tcuUid=0e2e79bd-cc03-42a8-92c2-c0e68a1ea53d",
"source": "cve-coordination@palantir.com"
"source": "cve-coordination@palantir.com",
"tags": [
"Vendor Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-22xx/CVE-2023-2263.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-2263",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2023-07-18T16:15:11.600",
"lastModified": "2023-07-18T17:33:48.187",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nThe Rockwell Automation Kinetix 5700 DC Bus Power Supply Series A is vulnerable to CIP fuzzing. \u00a0The new ENIP connections cannot be established if impacted by this vulnerability, \u00a0which prohibits operational capabilities of the device resulting in a denial-of-service attack.\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140029",
"source": "PSIRT@rockwellautomation.com"
}
]
}

47
CVE-2023/CVE-2023-236xx/CVE-2023-23671.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23671",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-11T12:15:09.603",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:21:26.310",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:web-settler:layer_slider:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1.9.7",
"matchCriteriaId": "C9C81A39-0E6A-4194-A74F-D5FFE2264A32"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/slider-slideshow/wordpress-layer-slider-plugin-1-1-9-6-cross-site-request-forgery-csrf-leading-to-post-page-deletion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-243xx/CVE-2023-24390.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24390",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-18T15:15:11.467",
"lastModified": "2023-07-18T15:15:11.467",
"vulnStatus": "Received",
"lastModified": "2023-07-18T17:33:48.187",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

47
CVE-2023/CVE-2023-244xx/CVE-2023-24417.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24417",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-11T13:15:09.457",
"lastModified": "2023-07-11T14:27:23.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:22:06.920",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tiggerswelt:worthy:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.6.5-6497609",
"matchCriteriaId": "E446A461-C4C8-4CB4-BD44-0CEEE51CB069"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-worthy/wordpress-worthy-vg-wort-integration-fuer-wordpress-plugin-1-6-5-6497609-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-244xx/CVE-2023-24486.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-24486",
"sourceIdentifier": "secure@citrix.com",
"published": "2023-07-10T21:15:10.600",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T17:33:38.713",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Citrix Workspace app for Linux that, if exploited, may result in a malicious local user being able to gain access to the Citrix Virtual Apps and Desktops session of another user who is using the same computer from which the ICA session is launched."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "secure@citrix.com",
"type": "Secondary",
@ -23,10 +56,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:workspace:*:*:*:*:*:linux:*:*",
"versionEndExcluding": "2302",
"matchCriteriaId": "06F0DC7A-F8DA-4B3F-8A1B-DC11A4394348"
}
]
}
]
}
],
"references": [
{
"url": "https://support.citrix.com/article/CTX477618/citrix-workspace-app-for-linux-security-bulletin-for-cve202324486",
"source": "secure@citrix.com"
"source": "secure@citrix.com",
"tags": [
"Vendor Advisory"
]
}
]
}

114
CVE-2023/CVE-2023-244xx/CVE-2023-24487.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24487",
"sourceIdentifier": "secure@citrix.com",
"published": "2023-07-10T21:15:10.650",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T17:25:55.733",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "secure@citrix.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "secure@citrix.com",
"type": "Secondary",
@ -46,10 +76,88 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:application_delivery_controller:*:*:*:*:fips:*:*:*",
"versionStartIncluding": "12.1",
"versionEndExcluding": "12.1-55.296",
"matchCriteriaId": "EDEB8DA9-D2C2-40CA-8D37-B3878E41A596"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:application_delivery_controller:*:*:*:*:ndcpp:*:*:*",
"versionStartIncluding": "12.1",
"versionEndExcluding": "12.1-55.296",
"matchCriteriaId": "AD984EFC-389E-4660-A6AB-4FF4F1DB5D3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:application_delivery_controller:*:*:*:*:-:*:*:*",
"versionStartIncluding": "12.1",
"versionEndExcluding": "12.1-65.35",
"matchCriteriaId": "196840B2-A87D-448C-8E9C-61C01188A8A7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:application_delivery_controller:*:*:*:*:-:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.0-90.11",
"matchCriteriaId": "885DC06B-B95C-4D86-8702-2D54C38B467B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:application_delivery_controller:*:*:*:*:fips:*:*:*",
"versionStartIncluding": "13.1",
"versionEndExcluding": "13.1-37.150",
"matchCriteriaId": "523E9114-7624-4759-8F60-C1C5200BC438"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:application_delivery_controller:*:*:*:*:-:*:*:*",
"versionStartIncluding": "13.1",
"versionEndExcluding": "13.1-45.61",
"matchCriteriaId": "11CA79C0-C374-430E-B699-91D9BB7B728E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:gateway:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.1",
"versionEndExcluding": "12.1-65.35",
"matchCriteriaId": "7C7337CF-B482-4272-8D5E-C6F18FC07E47"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:gateway:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.0-90.11",
"matchCriteriaId": "E9853C6D-CA36-4018-80D9-4C196C1D6D56"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:gateway:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.1",
"versionEndExcluding": "13.1-45.61",
"matchCriteriaId": "2A762510-82CB-4671-8D3C-A0C53E21FB9C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.citrix.com/article/CTX477714/citrix-adc-and-citrix-gateway-security-bulletin-for-cve202324487-cve202324488",
"source": "secure@citrix.com"
"source": "secure@citrix.com",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-244xx/CVE-2023-24489.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24489",
"sourceIdentifier": "secure@citrix.com",
"published": "2023-07-10T22:15:09.197",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:19:45.773",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "secure@citrix.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "secure@citrix.com",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:sharefile_storage_zones_controller:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.11.24",
"matchCriteriaId": "42FCFB5C-11F0-4FEB-B6DA-41C9E5F1A74D"
}
]
}
]
}
],
"references": [
{
"url": "https://support.citrix.com/article/CTX559517/sharefile-storagezones-controller-security-update-for-cve202324489",
"source": "secure@citrix.com"
"source": "secure@citrix.com",
"tags": [
"Vendor Advisory"
]
}
]
}

163
CVE-2023/CVE-2023-244xx/CVE-2023-24490.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24490",
"sourceIdentifier": "secure@citrix.com",
"published": "2023-07-10T22:15:09.263",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T16:43:58.657",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "secure@citrix.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "secure@citrix.com",
"type": "Secondary",
@ -46,10 +76,137 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:*:*:*:*:-:*:*:*",
"versionEndExcluding": "2305",
"matchCriteriaId": "3E82967D-2580-4C52-B92A-234BC27ECBBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:1912:-:*:*:ltsr:*:*:*",
"matchCriteriaId": "F9330183-B04B-46F1-9DA6-5EAF216DFCC3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:1912:cu1:*:*:ltsr:*:*:*",
"matchCriteriaId": "A2486FD4-AF16-4F57-836A-42A2D11012C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:1912:cu2:*:*:ltsr:*:*:*",
"matchCriteriaId": "1BF66372-CFDC-42DD-87FA-480DC0565977"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:1912:cu3:*:*:ltsr:*:*:*",
"matchCriteriaId": "AE1E7523-EEB7-46CE-A01E-04FACB407395"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:1912:cu4:*:*:ltsr:*:*:*",
"matchCriteriaId": "0B60552E-923B-4064-96D9-0F565C58695C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:1912:cu5:*:*:ltsr:*:*:*",
"matchCriteriaId": "21EC9092-FCA9-41AA-9A9B-83D7E3DABB2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:1912:cu6:*:*:ltsr:*:*:*",
"matchCriteriaId": "5353646C-E3FB-4315-83C7-D6EEE258C964"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:2203:-:*:*:ltsr:*:*:*",
"matchCriteriaId": "8AE1E7FC-9E2C-45BC-9F12-43149210D261"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:2203:cu1:*:*:ltsr:*:*:*",
"matchCriteriaId": "0AEBE958-3A73-4F9D-932E-62495408A609"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:2203:cu2:*:*:ltsr:*:*:*",
"matchCriteriaId": "BBD9FA8E-333E-4231-9F7D-08A604D065AF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:citrix:linux_virtual_delivery_agent:*:*:*:*:-:*:*:*",
"versionEndExcluding": "2305",
"matchCriteriaId": "E7821959-422B-426F-B963-7100C47F9C0D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:citrix:linux_virtual_delivery_agent:1912:-:*:*:ltsr:*:*:*",
"matchCriteriaId": "01457137-FDAA-4BED-898C-A24D2EA85936"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:citrix:linux_virtual_delivery_agent:1912:cu1:*:*:ltsr:*:*:*",
"matchCriteriaId": "7CE5CFB7-9C78-467D-866E-ACB0ACA477F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:citrix:linux_virtual_delivery_agent:1912:cu2:*:*:ltsr:*:*:*",
"matchCriteriaId": "7F7BFB2E-EC75-4DE2-AECA-E105BE03E700"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:citrix:linux_virtual_delivery_agent:1912:cu3:*:*:ltsr:*:*:*",
"matchCriteriaId": "38227179-7380-4E1B-A13C-612545FB0379"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:citrix:linux_virtual_delivery_agent:1912:cu4:*:*:ltsr:*:*:*",
"matchCriteriaId": "2E91B885-B6D9-474E-963F-D4EE30589D18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:citrix:linux_virtual_delivery_agent:1912:cu5:*:*:ltsr:*:*:*",
"matchCriteriaId": "E0891F0B-FC62-404F-B965-A78431DFF2B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:citrix:linux_virtual_delivery_agent:1912:cu6:*:*:ltsr:*:*:*",
"matchCriteriaId": "E25EF4FA-C654-48F4-91C9-E430520F8326"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:citrix:linux_virtual_delivery_agent:2203:-:*:*:ltsr:*:*:*",
"matchCriteriaId": "AC6CD3E0-D1F3-4443-9E77-EDA0EE6A1758"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:citrix:linux_virtual_delivery_agent:2203:cu1:*:*:ltsr:*:*:*",
"matchCriteriaId": "C1CADA77-7572-45C8-8B2A-516CD025A0DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:citrix:linux_virtual_delivery_agent:2203:cu2:*:*:ltsr:*:*:*",
"matchCriteriaId": "40345A7F-642E-44CE-9782-DB86FE968520"
}
]
}
]
}
],
"references": [
{
"url": "https://support.citrix.com/article/CTX559370/windows-and-linux-virtual-delivery-agent-for-cvad-and-citrix-daas-security-bulletin-cve202324490",
"source": "secure@citrix.com"
"source": "secure@citrix.com",
"tags": [
"Vendor Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-254xx/CVE-2023-25443.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25443",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-11T13:15:09.533",
"lastModified": "2023-07-11T14:27:23.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:22:13.717",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wow-company:button_generator:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.3.5",
"matchCriteriaId": "27EB059E-2F32-4881-B863-2AA10E7D4155"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/button-generation/wordpress-button-generator-plugin-2-3-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-257xx/CVE-2023-25706.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25706",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-11T13:15:09.607",
"lastModified": "2023-07-11T14:27:23.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:22:21.817",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pagup:better_robots.txt:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.4.5",
"matchCriteriaId": "9369D193-8F3C-4DFE-9D59-427A2BBDB699"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/better-robots-txt/wordpress-wordpress-robots-txt-optimization-xml-sitemap-website-traffic-seo-ranking-booster-plugin-1-4-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-27xx/CVE-2023-2746.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2746",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2023-07-11T14:15:09.467",
"lastModified": "2023-07-11T14:27:23.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T19:26:41.327",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0
},
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:enhanced_him:1.001:*:*:*:*:*:*:*",
"matchCriteriaId": "51135134-B184-4E8E-8B1E-9D3B58F5E0C2"
}
]
}
]
}
],
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139760",
"source": "PSIRT@rockwellautomation.com"
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
]
}
]
}

43
CVE-2023/CVE-2023-280xx/CVE-2023-28019.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-28019",
"sourceIdentifier": "psirt@hcl.com",
"published": "2023-07-18T18:15:11.817",
"lastModified": "2023-07-18T18:24:48.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Insufficient validation in Bigfix WebUI API App site version < 14 allows an authenticated WebUI user to issue SQL queries via an unparameterized SQL query.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.4
}
]
},
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106123",
"source": "psirt@hcl.com"
}
]
}

43
CVE-2023/CVE-2023-280xx/CVE-2023-28020.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-28020",
"sourceIdentifier": "psirt@hcl.com",
"published": "2023-07-18T19:15:09.437",
"lastModified": "2023-07-18T19:49:32.270",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\u00a0URL redirection in Login page in HCL BigFix WebUI allows malicious user to redirect the client browser to an external site via redirect URL response header.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106123",
"source": "psirt@hcl.com"
}
]
}

43
CVE-2023/CVE-2023-280xx/CVE-2023-28021.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-28021",
"sourceIdentifier": "psirt@hcl.com",
"published": "2023-07-18T19:15:09.503",
"lastModified": "2023-07-18T19:49:32.270",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The BigFix WebUI uses weak cipher suites.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106123",
"source": "psirt@hcl.com"
}
]
}

58
CVE-2023/CVE-2023-291xx/CVE-2023-29131.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29131",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-07-11T10:15:10.473",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T16:30:33.707",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:simatic_cn_4100:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.5",
"matchCriteriaId": "3F50C1C5-0934-44E6-A3F3-C473B6EA82F4"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-313488.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-301xx/CVE-2023-30153.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-30153",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-18T19:15:09.573",
"lastModified": "2023-07-18T19:49:32.270",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An SQL injection vulnerability in the Payplug (payplug) module for PrestaShop, in versions 3.6.0, 3.6.1, 3.6.2, 3.6.3, 3.7.0 and 3.7.1, allows remote attackers to execute arbitrary SQL commands via the ajax.php front controller."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://addons.prestashop.com/en/payment-card-wallet/8795--payplug-accept-customer-payments-wherever-they-are.html",
"source": "cve@mitre.org"
},
{
"url": "https://security.friendsofpresta.org/module/2023/07/18/payplug.html",
"source": "cve@mitre.org"
}
]
}

36
CVE-2023/CVE-2023-303xx/CVE-2023-30383.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2023-30383",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-18T19:15:09.643",
"lastModified": "2023-07-18T19:49:32.270",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "TP-LINK Archer C50v2 Archer C50(US)_V2_160801, TP-LINK Archer C20v1 Archer_C20_V1_150707, and TP-LINK Archer C2v1 Archer_C2_US__V1_170228 were discovered to contain a buffer overflow which may lead to a Denial of Service (DoS) when parsing crafted data."
}
],
"metrics": {},
"references": [
{
"url": "http://tplink.com",
"source": "cve@mitre.org"
},
{
"url": "https://gist.github.com/a2ure123/a4eda2813d85d8b414bb87e855ab4bf8",
"source": "cve@mitre.org"
},
{
"url": "https://www.tp-link.com/us/support/download/archer-c2/v1/#Firmware",
"source": "cve@mitre.org"
},
{
"url": "https://www.tp-link.com/us/support/download/archer-c50/v2/#Firmware",
"source": "cve@mitre.org"
},
{
"url": "https://www.tp-link.com/us/support/download/archer-c50/v2/#Firmware),TPLINK",
"source": "cve@mitre.org"
}
]
}

150
CVE-2023/CVE-2023-309xx/CVE-2023-30919.json
View File

@ -2,19 +2,161 @@
"id": "CVE-2023-30919",
"sourceIdentifier": "security@unisoc.com",
"published": "2023-07-12T09:15:11.027",
"lastModified": "2023-07-12T12:46:30.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T17:03:01.817",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596"
}
]
}
]
}
],
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073",
"source": "security@unisoc.com"
"source": "security@unisoc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

150
CVE-2023/CVE-2023-309xx/CVE-2023-30920.json
View File

@ -2,19 +2,161 @@
"id": "CVE-2023-30920",
"sourceIdentifier": "security@unisoc.com",
"published": "2023-07-12T09:15:11.070",
"lastModified": "2023-07-12T12:46:30.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T17:03:28.653",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596"
}
]
}
]
}
],
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073",
"source": "security@unisoc.com"
"source": "security@unisoc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

150
CVE-2023/CVE-2023-309xx/CVE-2023-30921.json
View File

@ -2,19 +2,161 @@
"id": "CVE-2023-30921",
"sourceIdentifier": "security@unisoc.com",
"published": "2023-07-12T09:15:11.117",
"lastModified": "2023-07-12T12:46:30.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T17:14:06.077",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596"
}
]
}
]
}
],
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073",
"source": "security@unisoc.com"
"source": "security@unisoc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-309xx/CVE-2023-30956.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30956",
"sourceIdentifier": "cve-coordination@palantir.com",
"published": "2023-07-10T22:15:09.337",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T19:51:43.570",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
},
{
"source": "cve-coordination@palantir.com",
"type": "Secondary",
@ -34,10 +54,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:palantir:foundry_comments:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.267.0",
"matchCriteriaId": "DB9F014E-F469-456C-A77B-46146A38DC42"
}
]
}
]
}
],
"references": [
{
"url": "https://palantir.safebase.us/?tcuUid=40367943-738c-4e69-b852-4a503c77478a",
"source": "cve-coordination@palantir.com"
"source": "cve-coordination@palantir.com",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-309xx/CVE-2023-30960.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30960",
"sourceIdentifier": "cve-coordination@palantir.com",
"published": "2023-07-10T22:15:09.410",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T19:49:10.280",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "cve-coordination@palantir.com",
"type": "Secondary",
@ -34,10 +54,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-668"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:palantir:foundry_job-tracker:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.645.0",
"matchCriteriaId": "79928D14-B7DA-4696-B71B-FB691D946C49"
}
]
}
]
}
],
"references": [
{
"url": "https://palantir.safebase.us/?tcuUid=115d9bf4-201f-4cfe-b2fc-219e3a2d945b",
"source": "cve-coordination@palantir.com"
"source": "cve-coordination@palantir.com",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-309xx/CVE-2023-30963.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30963",
"sourceIdentifier": "cve-coordination@palantir.com",
"published": "2023-07-10T22:15:09.477",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T19:42:11.047",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "cve-coordination@palantir.com",
"type": "Secondary",
@ -34,10 +54,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:palantir:foundry_frontend:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.229.0",
"matchCriteriaId": "F02A5A87-A8FC-4792-8AED-593F1B382130"
}
]
}
]
}
],
"references": [
{
"url": "https://palantir.safebase.us/?tcuUid=3c6b63b7-fb67-4202-a94a-9c83515efb8a",
"source": "cve-coordination@palantir.com"
"source": "cve-coordination@palantir.com",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-30xx/CVE-2023-3081.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3081",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T05:15:09.597",
"lastModified": "2023-07-12T12:46:30.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T19:10:30.100",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
@ -46,18 +66,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:awesomemotive:wp_mail_logging:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.11.2",
"matchCriteriaId": "88FDEEBF-3DA8-4F0C-972B-66AB3F6E8DC2"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/2923464/wp-mail-logging",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2925728/wp-mail-logging",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ef20b3e6-d8f4-458e-b604-b46ef16e229e?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

54
CVE-2023/CVE-2023-30xx/CVE-2023-3082.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3082",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T05:15:09.677",
"lastModified": "2023-07-12T12:46:30.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T19:09:28.370",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
@ -46,14 +66,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpexperts:post_smtp_mailer:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.5.8",
"matchCriteriaId": "BECABCB4-7E6C-41BC-8291-5B7B2823CE01"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/2935537/post-smtp",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6ecd0fa6-4fdb-4780-9560-0bb126800685?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-30xx/CVE-2023-3087.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3087",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T05:15:09.747",
"lastModified": "2023-07-12T12:46:30.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T19:08:42.373",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
@ -46,18 +66,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpmanageninja:fluentsmtp:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.2.5",
"matchCriteriaId": "659B4F4A-C479-4BF9-B99F-AE7E58B52B18"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/2935217/fluent-smtp/trunk/app/Models/Logger.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2935217/fluent-smtp/trunk/app/Services/Mailer/BaseHandler.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fa47a794-e5ce-491d-a10b-c7c5718aa853?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

54
CVE-2023/CVE-2023-30xx/CVE-2023-3088.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3088",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T05:15:09.823",
"lastModified": "2023-07-12T12:46:30.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T19:08:18.600",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
@ -46,14 +66,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpvibes:wp_mail_log:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.1.2",
"matchCriteriaId": "D42AFE93-13CF-4819-9DF2-8ABE8585F27D"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/2931706/wp-mail-log",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/86ee1acb-6f0c-40e6-80a0-fc93b61c1602?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

54
CVE-2023/CVE-2023-30xx/CVE-2023-3092.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3092",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T05:15:09.900",
"lastModified": "2023-07-12T12:46:30.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T19:08:02.230",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
@ -46,14 +66,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:photoboxone:smtp_mail:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2.16",
"matchCriteriaId": "AFE1DEB1-B844-4EDB-9D54-AD0D565C3015"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/smtp-mail/trunk/includes/data-list-table.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8ae734d1-0cd4-4ff5-8448-828b0fb64f70?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

66
CVE-2023/CVE-2023-30xx/CVE-2023-3093.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3093",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T05:15:09.980",
"lastModified": "2023-07-12T12:46:30.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T19:07:51.850",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,16 +64,50 @@
"value": "CWE-79"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:yaycommerce:yaysmtp:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.4.6",
"matchCriteriaId": "8653A64E-C0E9-4E64-9806-EDD7B454D98C"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/2922163/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/68e6ec3a-c5fd-4f63-a9a0-2c9ddfb96e2e?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-314xx/CVE-2023-31405.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31405",
"sourceIdentifier": "cna@sap.com",
"published": "2023-07-11T03:15:09.387",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:10:38.967",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "cna@sap.com",
"type": "Secondary",
@ -46,14 +66,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_for_java:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A80232-F2C2-4B40-A00C-25611D3409AC"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3324732",
"source": "cna@sap.com"
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "cna@sap.com"
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-314xx/CVE-2023-31441.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31441",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-18T15:15:11.663",
"lastModified": "2023-07-18T15:15:11.663",
"vulnStatus": "Received",
"lastModified": "2023-07-18T17:33:48.187",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

32
CVE-2023/CVE-2023-31xx/CVE-2023-3105.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3105",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T05:15:10.053",
"lastModified": "2023-07-12T12:46:30.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T19:07:33.087",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,14 +46,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:learndash:learndash:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.6.0",
"matchCriteriaId": "06EF8D4A-E904-4D14-9FF2-A5DC240D426A"
}
]
}
]
}
],
"references": [
{
"url": "https://www.learndash.com/release-notes/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2318b3e1-268d-45fa-83bf-c6e88f1b9013?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

53
CVE-2023/CVE-2023-31xx/CVE-2023-3175.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-3175",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-10T16:15:55.133",
"lastModified": "2023-07-10T16:27:17.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T17:52:20.017",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The AI ChatBot WordPress plugin before 4.6.1 does not adequately escape some settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,10 +46,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:quantumcloud:ai_chatbot:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.6.1",
"matchCriteriaId": "0709ED0B-61F4-453E-BE59-0546AA9A8F62"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/7643980b-eaa2-45d1-bd9d-9afae0943f43",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-321xx/CVE-2023-32104.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32104",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-11T13:15:09.687",
"lastModified": "2023-07-11T14:27:23.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:22:27.863",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mycurator_content_curation_project:mycurator_content_curation:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.74",
"matchCriteriaId": "FBEC86B9-D989-4D49-8B6F-8D8CCE6CB7EF"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/mycurator/wordpress-mycurator-content-curation-plugin-3-74-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-32xx/CVE-2023-3219.json
View File

@ -2,18 +2,41 @@
"id": "CVE-2023-3219",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-10T16:15:55.250",
"lastModified": "2023-07-10T16:27:17.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T17:52:52.883",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The EventON WordPress plugin before 2.1.2 does not validate that the event_id parameter in its eventon_ics_download ajax action is a valid Event, allowing unauthenticated visitors to access any Post (including unpublished or protected posts) content via the ics export functionality by providing the numeric id of the post."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -21,12 +44,44 @@
"value": "CWE-639"
}
]
},
{
"source": "contact@wpscan.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:myeventon:eventon:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.1.2",
"matchCriteriaId": "CAE44D9E-F39C-4230-8D1D-0EC2BE8DDAB7"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/72d80887-0270-4987-9739-95b1a178c1fd",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

53
CVE-2023/CVE-2023-32xx/CVE-2023-3225.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-3225",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-10T16:15:55.307",
"lastModified": "2023-07-10T16:27:17.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T17:53:02.903",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Float menu WordPress plugin before 5.0.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,10 +46,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wow-company:float_menu:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "5.0.3",
"matchCriteriaId": "B88EB4F0-09E2-435F-A10D-B210D36B41E4"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/3c76d0f4-2ea8-433d-afb2-e35e45630899",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

81
CVE-2023/CVE-2023-32xx/CVE-2023-3270.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3270",
"sourceIdentifier": "psirt@sick.de",
"published": "2023-07-10T16:15:55.367",
"lastModified": "2023-07-10T16:27:17.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T17:53:13.060",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@sick.de",
"type": "Secondary",
@ -34,18 +54,69 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-668"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:icr890-4_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.5.0",
"matchCriteriaId": "C9781FA2-2446-4587-8BBA-1AC342BC5A0F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:icr890-4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E1AF1D7-8380-4B5C-8258-214F00638CC2"
}
]
}
]
}
],
"references": [
{
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json",
"source": "psirt@sick.de"
"source": "psirt@sick.de",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf",
"source": "psirt@sick.de"
"source": "psirt@sick.de",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://sick.com/psirt",
"source": "psirt@sick.de"
"source": "psirt@sick.de",
"tags": [
"Product"
]
}
]
}

59
CVE-2023/CVE-2023-332xx/CVE-2023-33231.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-33231",
"sourceIdentifier": "psirt@solarwinds.com",
"published": "2023-07-18T17:15:11.397",
"lastModified": "2023-07-18T17:33:48.187",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "XSS attack was possible in DPA 2023.2 due to insufficient input validation"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@solarwinds.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "psirt@solarwinds.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://documentation.solarwinds.com/en/success_center/dpa/content/release_notes/dpa_2023-3_release_notes.htm",
"source": "psirt@solarwinds.com"
},
{
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-33231",
"source": "psirt@solarwinds.com"
}
]
}

24
CVE-2023/CVE-2023-332xx/CVE-2023-33265.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-33265",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-18T16:15:11.693",
"lastModified": "2023-07-18T17:33:48.187",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Hazelcast through 5.0.4, 5.1 through 5.1.6, and 5.2 through 5.2.3, executor services don't check client permissions properly, allowing authenticated users to execute tasks on members without the required permissions granted."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/hazelcast/hazelcast",
"source": "cve@mitre.org"
},
{
"url": "https://support.hazelcast.com/s/article/Security-Advisory-for-CVE-2023-33265",
"source": "cve@mitre.org"
}
]
}

55
CVE-2023/CVE-2023-333xx/CVE-2023-33312.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-33312",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-18T18:15:11.897",
"lastModified": "2023-07-18T18:24:48.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in wppal Easy Captcha plugin <=\u00a01.0 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/easy-captcha/wordpress-easy-captcha-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-333xx/CVE-2023-33329.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-33329",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-18T18:15:11.997",
"lastModified": "2023-07-18T18:24:48.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Reflected Cross-Site Scripting (XSS) vulnerability in Hijiri Custom Post Type Generator plugin <=\u00a02.4.2 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/custom-post-type-generator/wordpress-custom-post-type-generator-plugin-2-4-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-338xx/CVE-2023-33871.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-33871",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-07-18T18:15:12.097",
"lastModified": "2023-07-18T18:24:48.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a directory traversal vulnerability that could allow an unauthenticated user to directly access any file outside the webroot."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-36"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-03",
"source": "ics-cert@hq.dhs.gov"
}
]
}

166
CVE-2023/CVE-2023-339xx/CVE-2023-33987.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33987",
"sourceIdentifier": "cna@sap.com",
"published": "2023-07-11T03:15:09.450",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:31:55.367",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 9.4,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.5
},
{
"source": "cna@sap.com",
"type": "Secondary",
@ -46,14 +66,152 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.49:*:*:*:*:*:*:*",
"matchCriteriaId": "0B4A7850-377C-4463-A5D7-07F516FBD74A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "47D4D542-2EC2-490B-B4E9-3E7BB8D59B77"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.54:*:*:*:*:*:*:*",
"matchCriteriaId": "950DF1E2-990E-41EF-8779-CEC54C7CDC60"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.77:*:*:*:*:*:*:*",
"matchCriteriaId": "E33D9481-3CF6-4AA3-B115-7903AC6DAE25"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.81:*:*:*:*:*:*:*",
"matchCriteriaId": "49FF2A5B-E5F0-4991-9AA3-7CB3B8C62941"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.85:*:*:*:*:*:*:*",
"matchCriteriaId": "F74EE4D5-E968-4851-89E6-4152F64930F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.88:*:*:*:*:*:*:*",
"matchCriteriaId": "677B15E6-09B3-4BA8-8D99-427952335035"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.89:*:*:*:*:*:*:*",
"matchCriteriaId": "097ED3E8-49B1-497E-BD43-28C397FBEAE8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.90:*:*:*:*:*:*:*",
"matchCriteriaId": "DA093F5F-071D-4FA5-AADA-7E058014AB6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:hdb_2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "1A4A56FB-16CB-4ACA-A961-01F57B1A11F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.49:*:*:*:*:*:*:*",
"matchCriteriaId": "5512FFE8-E10E-48A3-A153-821D1948AB5E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "A7E4BC89-114A-4EA3-A9E8-D956A26BCB18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.54:*:*:*:*:*:*:*",
"matchCriteriaId": "65A5FFAC-93F9-4204-9FA1-4D749D443173"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.77:*:*:*:*:*:*:*",
"matchCriteriaId": "E0098E57-6A7F-4CC6-8109-E2400E0FFFEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.81:*:*:*:*:*:*:*",
"matchCriteriaId": "87738C45-6B88-4DD4-A4A3-4AD47502679C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.85:*:*:*:*:*:*:*",
"matchCriteriaId": "E7ABB030-9A13-4194-A2A4-9623B2F22D7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.88:*:*:*:*:*:*:*",
"matchCriteriaId": "B994804F-5405-4295-93BF-4F1C5C3CF00C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.89:*:*:*:*:*:*:*",
"matchCriteriaId": "DB22EAAE-F75C-4902-9734-52B048D5D7B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.90:*:*:*:*:*:*:*",
"matchCriteriaId": "E8D4EFB1-0225-454D-9273-259A4055F482"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:krnl64nuc_7.49:*:*:*:*:*:*:*",
"matchCriteriaId": "8F634C80-5034-44A2-9F94-69DEDF453998"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:krnl64uc_7.49:*:*:*:*:*:*:*",
"matchCriteriaId": "FB2FD99C-D945-4495-97C7-03D6C6BBBE4B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:krnl64uc_7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "3A8CD933-E217-445A-B244-C07625F9EE74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:sap_extended_app_services_1:*:*:*:*:*:*:*",
"matchCriteriaId": "216C4CEE-E514-43FB-8819-591AF721E2ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:xs_advanced_runtime_1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9D3697-7C80-4629-AE7A-73BDE5C558B2"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3233899",
"source": "cna@sap.com"
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "cna@sap.com"
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-339xx/CVE-2023-33988.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33988",
"sourceIdentifier": "cna@sap.com",
"published": "2023-07-11T03:15:09.523",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:28:55.847",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "cna@sap.com",
"type": "Secondary",
@ -46,14 +66,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:enable_now:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D9E5418-8D10-48C4-93AF-0B036893B093"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3326769",
"source": "cna@sap.com"
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "cna@sap.com"
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-340xx/CVE-2023-34029.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34029",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-11T13:15:09.760",
"lastModified": "2023-07-11T14:27:23.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:22:38.960",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,12 +64,43 @@
"value": "CWE-352"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:disable_wordpress_update_notifications_and_auto-update_email_notifications_project:disable_wordpress_update_notifications_and_auto-update_email_notifications:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.3.3",
"matchCriteriaId": "8540D39C-CB9F-41D9-A227-E95F6AD1CC12"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/disable-update-notifications/wordpress-disable-wordpress-update-notifications-and-auto-update-email-notifications-plugin-2-3-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

43
CVE-2023/CVE-2023-340xx/CVE-2023-34035.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-34035",
"sourceIdentifier": "security@vmware.com",
"published": "2023-07-18T16:15:11.753",
"lastModified": "2023-07-18T17:33:48.187",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Spring Security versions 5.8\u00a0prior to 5.8.5, 6.0\u00a0prior to 6.0.5,\u00a0and 6.1\u00a0prior to 6.1.2\u00a0could be susceptible to authorization rule misconfiguration if the application uses requestMatchers(String)\u00a0and multiple servlets, one of them being Spring MVC\u2019s DispatcherServlet.\u00a0(DispatcherServlet\u00a0is a Spring MVC component that maps HTTP endpoints to methods on @Controller-annotated classes.)\n\nSpecifically, an application is vulnerable when all of the following are true:\n\n * Spring MVC is on the classpath\n * Spring Security is securing more than one servlet in a single application (one of them being Spring MVC\u2019s DispatcherServlet)\n * The application uses requestMatchers(String)\u00a0to refer to endpoints that are not Spring MVC endpoints\n\n\nAn application is not vulnerable if any of the following is true:\n\n * The application does not have Spring MVC on the classpath\n * The application secures no servlets other than Spring MVC\u2019s DispatcherServlet\n * The application uses requestMatchers(String)\u00a0only for Spring MVC endpoints\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@vmware.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
]
},
"references": [
{
"url": "https://spring.io/security/cve-2023-34035",
"source": "security@vmware.com"
}
]
}

59
CVE-2023/CVE-2023-341xx/CVE-2023-34185.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34185",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-11T12:15:09.687",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:21:37.307",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,12 +64,43 @@
"value": "CWE-352"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wordpress_nextgen_galleryview_project:wordpress_nextgen_galleryview:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "0.5.5",
"matchCriteriaId": "CF7555F6-CEBA-42EF-8B67-FC4FADC46EC3"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wordpress-nextgen-galleryview/wordpress-wordpress-nextgen-galleryview-plugin-0-5-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-343xx/CVE-2023-34329.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-34329",
"sourceIdentifier": "biossecurity@ami.com",
"published": "2023-07-18T18:15:12.193",
"lastModified": "2023-07-18T18:24:48.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nAMI SPx contains a vulnerability in BMC where a User may cause an authentication bypass by spoofing the HTTP header. A successful exploit of this vulnerability may lead to loss of confidentiality, integrity, and availability.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-290"
},
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"references": [
{
"url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf",
"source": "biossecurity@ami.com"
}
]
}

55
CVE-2023/CVE-2023-343xx/CVE-2023-34330.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-34330",
"sourceIdentifier": "biossecurity@ami.com",
"published": "2023-07-18T18:15:12.287",
"lastModified": "2023-07-18T18:24:48.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nAMI SPx contains a vulnerability in the BMC where a User may cause a improper control of generation of code by Dynamic Redfish Extension. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability.\u00a0"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf",
"source": "biossecurity@ami.com"
}
]
}

94
CVE-2023/CVE-2023-345xx/CVE-2023-34561.json
View File

@ -2,39 +2,115 @@
"id": "CVE-2023-34561",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-11T13:15:09.830",
"lastModified": "2023-07-11T14:27:23.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:22:57.237",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow in the level parsing code of RobTop Games AB Geometry Dash v2.113 allows attackers to execute arbitrary code via entering a Geometry Dash level."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:robtopgames:geometry_dash:2.113:*:*:*:*:*:*:*",
"matchCriteriaId": "814B2DB0-7D71-4111-BFC0-B8B3B0ADEA10"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/meltah/gd-rce",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.youtube.com/watch?v=DMxucOWfLPc",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.youtube.com/watch?v=RGMeWPchScg",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.youtube.com/watch?v=ev0VXbiduuQ",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.youtube.com/watch?v=kAeJvY6BBps",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.youtube.com/watch?v=u7eXBr4HkKQ",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-350xx/CVE-2023-35044.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35044",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-11T13:15:09.883",
"lastModified": "2023-07-11T14:27:23.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:24:12.803",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:securimage-wp-fixed_project:securimage-wp-fixed:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.6.16",
"matchCriteriaId": "8D57A6C4-CCC3-4ABB-B200-2205857A4501"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/securimage-wp/wordpress-securimage-wp-plugin-3-6-16-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-350xx/CVE-2023-35047.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35047",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-11T12:15:09.757",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:21:45.713",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:areoi:all_bootstrap_blocks:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.3.6",
"matchCriteriaId": "6BBAED4F-2F92-4AE5-8E63-313ECC24B468"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/all-bootstrap-blocks/wordpress-all-bootstrap-blocks-plugin-1-3-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-350xx/CVE-2023-35091.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35091",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-11T13:15:09.957",
"lastModified": "2023-07-11T14:27:23.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:55:10.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:storeapps:stock_manager_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.10.0",
"matchCriteriaId": "54DB07D4-A29C-406E-A406-61B7267C2BAF"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woocommerce-stock-manager/wordpress-stock-manager-for-woocommerce-plugin-2-10-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-351xx/CVE-2023-35189.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-35189",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-07-18T18:15:12.370",
"lastModified": "2023-07-18T18:24:48.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a remote \ncode execution vulnerability that could allow an unauthenticated user to\n upload a malicious payload and execute it.\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-03",
"source": "ics-cert@hq.dhs.gov"
}
]
}

55
CVE-2023/CVE-2023-357xx/CVE-2023-35763.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-35763",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-07-18T18:15:12.460",
"lastModified": "2023-07-18T18:24:48.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a cryptographic vulnerability that could allow an unauthenticated user to decrypt encrypted passwords into plaintext."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-321"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-03",
"source": "ics-cert@hq.dhs.gov"
}
]
}

59
CVE-2023/CVE-2023-357xx/CVE-2023-35773.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35773",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-11T13:15:10.027",
"lastModified": "2023-07-11T14:27:23.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T19:02:54.077",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,12 +64,43 @@
"value": "CWE-352"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:template_debugger_project:template_debugger:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.1.2",
"matchCriteriaId": "A8445FFB-AD06-441E-B073-28B3E988ACDE"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/quick-edit-template-link/wordpress-template-debugger-plugin-3-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-357xx/CVE-2023-35778.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35778",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-11T12:15:09.830",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:21:52.593",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:recent_posts_slider_project:recent_posts_slider:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1",
"matchCriteriaId": "C5F3FF0A-FA55-42F2-8DD8-8B297F95F7C9"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/recent-posts-slider/wordpress-recent-posts-slider-plugin-1-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-357xx/CVE-2023-35780.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35780",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-11T12:15:09.907",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:21:59.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:galleria_project:galleria:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.3",
"matchCriteriaId": "D410801E-E95E-4741-8211-F681B87FF14D"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/galleria/wordpress-galleria-plugin-1-0-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-358xx/CVE-2023-35854.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-35854",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-20T12:15:09.690",
"lastModified": "2023-06-27T18:03:04.617",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-18T16:15:11.820",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Zoho ManageEngine ADSelfService Plus through 6113 has an authentication bypass that can be exploited to steal the domain controller session token for identity spoofing, thereby achieving the privileges of the domain controller administrator."
"value": "** DISPUTED ** Zoho ManageEngine ADSelfService Plus through 6113 has an authentication bypass that can be exploited to steal the domain controller session token for identity spoofing, thereby achieving the privileges of the domain controller administrator. NOTE: the vendor's perspective is that they have \"found no evidence or detail of a security vulnerability.\""
}
],
"metrics": {

158
CVE-2023/CVE-2023-358xx/CVE-2023-35871.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35871",
"sourceIdentifier": "cna@sap.com",
"published": "2023-07-11T03:15:09.867",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:20:09.497",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.4,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.5
},
{
"source": "cna@sap.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "cna@sap.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,14 +76,132 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "47D4D542-2EC2-490B-B4E9-3E7BB8D59B77"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.54:*:*:*:*:*:*:*",
"matchCriteriaId": "950DF1E2-990E-41EF-8779-CEC54C7CDC60"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.77:*:*:*:*:*:*:*",
"matchCriteriaId": "E33D9481-3CF6-4AA3-B115-7903AC6DAE25"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.85:*:*:*:*:*:*:*",
"matchCriteriaId": "F74EE4D5-E968-4851-89E6-4152F64930F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.89:*:*:*:*:*:*:*",
"matchCriteriaId": "097ED3E8-49B1-497E-BD43-28C397FBEAE8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.91:*:*:*:*:*:*:*",
"matchCriteriaId": "AC165964-CB7E-40BC-A63E-7CD0E34CF93D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.92:*:*:*:*:*:*:*",
"matchCriteriaId": "C72FF95D-9A43-4788-810F-2FFE408A1CFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.93:*:*:*:*:*:*:*",
"matchCriteriaId": "9105215B-CB70-4063-9302-138F54DD2672"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:hdb_2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "1A4A56FB-16CB-4ACA-A961-01F57B1A11F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "A7E4BC89-114A-4EA3-A9E8-D956A26BCB18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.54:*:*:*:*:*:*:*",
"matchCriteriaId": "65A5FFAC-93F9-4204-9FA1-4D749D443173"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.77:*:*:*:*:*:*:*",
"matchCriteriaId": "E0098E57-6A7F-4CC6-8109-E2400E0FFFEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.85:*:*:*:*:*:*:*",
"matchCriteriaId": "E7ABB030-9A13-4194-A2A4-9623B2F22D7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.89:*:*:*:*:*:*:*",
"matchCriteriaId": "DB22EAAE-F75C-4902-9734-52B048D5D7B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.91:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB56066-A70F-4162-9E7F-829DE9862467"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.92:*:*:*:*:*:*:*",
"matchCriteriaId": "CBDC3937-9B43-46AF-B003-D5C0B181B214"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.93:*:*:*:*:*:*:*",
"matchCriteriaId": "30459CD4-451D-4C3D-8FE2-17552F83D7CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:krnl64uc_7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "3A8CD933-E217-445A-B244-C07625F9EE74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:sap_extended_app_services_1:*:*:*:*:*:*:*",
"matchCriteriaId": "216C4CEE-E514-43FB-8819-591AF721E2ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:xs_advanced_runtime_1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9D3697-7C80-4629-AE7A-73BDE5C558B2"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3340735",
"source": "cna@sap.com"
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "cna@sap.com"
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-362xx/CVE-2023-36293.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-36293",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-11T15:15:20.313",
"lastModified": "2023-07-11T16:16:52.790",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T16:23:02.337",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in wmanager v.1.0.7 and before allows a remote attacker to obtain sensitive information via a crafted script to the company.php component."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wmanager:wmanager:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0.7",
"matchCriteriaId": "D8D1D68F-3EF6-46C1-8341-F0AD238A6B4C"
}
]
}
]
}
],
"references": [
{
"url": "http://wmanager.org/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/wmanager/base",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

4
CVE-2023/CVE-2023-363xx/CVE-2023-36383.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36383",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-18T15:15:11.777",
"lastModified": "2023-07-18T15:15:11.777",
"vulnStatus": "Received",
"lastModified": "2023-07-18T17:33:48.187",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-363xx/CVE-2023-36384.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36384",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-18T15:15:11.867",
"lastModified": "2023-07-18T15:15:11.867",
"vulnStatus": "Received",
"lastModified": "2023-07-18T17:33:48.187",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

349
CVE-2023/CVE-2023-363xx/CVE-2023-36389.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36389",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-07-11T10:15:10.760",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T16:35:46.253",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,323 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "B70C9A14-F31D-452F-8F7E-368E1ED7165C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD1B18F-9C37-48CC-92E2-9C5E66B206CB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000re_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "C095D9B0-79A3-44A7-9683-B8DEF689D65F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38734DFA-A5DF-4284-BD79-7C0ED6CD8A5C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "3A0D1757-6A48-4C53-877A-947CDDD67793"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12BD4008-DB6A-4749-A426-D2DE44819A9D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "957788AA-B685-42B6-8BE9-B61D20B68144"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E79B422-C844-411C-AA49-CFD73D3C6E2D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "02E80465-DCD4-4CEB-AB5C-DFD86A5DB2E8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53AAEC5C-06EE-4C58-A981-EBF5860CEF16"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "BEC2AF9C-52CA-48FF-A4CD-C042EF225000"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0751225A-6E9C-4281-93A4-A048920FF7C6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "D0889DDD-C18A-4605-907C-0AAC4362FC94"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C1E56ED-1E61-4B7E-8EC0-BB2AAD57EF7B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "FA09F789-1903-4487-A108-684EA9423F32"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41ADD701-AD49-46B2-A12E-219CCED32298"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1524_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "76CF386C-0665-401C-9E5F-D3A89E6C2847"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C70D90-E8FA-4343-9027-152A99D79C82"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1536_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "A813AC2B-2F29-45D7-AB27-657A36399F80"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1536:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1775F3B-6F47-4134-8B4E-CF6337FF546C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "6AF925B2-B147-4CB0-8789-D68C38135BEE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E0E33F2-E89B-4008-BED2-CF2296801078"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
}
]
}

349
CVE-2023/CVE-2023-363xx/CVE-2023-36390.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36390",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-07-11T10:15:10.827",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T16:53:10.417",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,323 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "B70C9A14-F31D-452F-8F7E-368E1ED7165C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD1B18F-9C37-48CC-92E2-9C5E66B206CB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000re_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "C095D9B0-79A3-44A7-9683-B8DEF689D65F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38734DFA-A5DF-4284-BD79-7C0ED6CD8A5C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "3A0D1757-6A48-4C53-877A-947CDDD67793"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12BD4008-DB6A-4749-A426-D2DE44819A9D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "957788AA-B685-42B6-8BE9-B61D20B68144"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E79B422-C844-411C-AA49-CFD73D3C6E2D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "02E80465-DCD4-4CEB-AB5C-DFD86A5DB2E8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53AAEC5C-06EE-4C58-A981-EBF5860CEF16"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "BEC2AF9C-52CA-48FF-A4CD-C042EF225000"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0751225A-6E9C-4281-93A4-A048920FF7C6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "D0889DDD-C18A-4605-907C-0AAC4362FC94"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C1E56ED-1E61-4B7E-8EC0-BB2AAD57EF7B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "FA09F789-1903-4487-A108-684EA9423F32"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41ADD701-AD49-46B2-A12E-219CCED32298"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1524_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "76CF386C-0665-401C-9E5F-D3A89E6C2847"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C70D90-E8FA-4343-9027-152A99D79C82"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1536_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "A813AC2B-2F29-45D7-AB27-657A36399F80"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1536:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1775F3B-6F47-4134-8B4E-CF6337FF546C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "6AF925B2-B147-4CB0-8789-D68C38135BEE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E0E33F2-E89B-4008-BED2-CF2296801078"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-365xx/CVE-2023-36522.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36522",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-11T13:15:10.100",
"lastModified": "2023-07-11T14:27:23.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T19:04:40.830",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wepupil:quiz_expert_-_easy_quiz_maker\\,_exam_and_test_manager:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.5.0",
"matchCriteriaId": "73C40516-9673-4D5A-9093-7662E6E456F9"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/quiz-expert/wordpress-quiz-expert-easy-quiz-maker-exam-and-test-manager-plugin-1-5-0-cross-site-request-forgery-csrf?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

24
CVE-2023/CVE-2023-366xx/CVE-2023-36669.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-36669",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-18T18:15:12.553",
"lastModified": "2023-07-18T18:24:48.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit (IDU) before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit (TPU) within the IDU by sending crafted TCP requests to the IDU."
}
],
"metrics": {},
"references": [
{
"url": "https://kratosdefense.com",
"source": "cve@mitre.org"
},
{
"url": "https://www.kratosdefense.com/vulnerability-advisories/cve-2023-36669",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-366xx/CVE-2023-36670.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-36670",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-18T19:15:09.703",
"lastModified": "2023-07-18T19:49:32.270",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A remotely exploitable command injection vulnerability was found on the Kratos NGC-IDU 9.1.0.4. An attacker can execute arbitrary Linux commands as root by sending crafted TCP requests to the device."
}
],
"metrics": {},
"references": [
{
"url": "https://kratosdefense.com",
"source": "cve@mitre.org"
},
{
"url": "https://www.kratosdefense.com/vulnerability-advisories/cve-2023-36670",
"source": "cve@mitre.org"
}
]
}

47
CVE-2023/CVE-2023-366xx/CVE-2023-36687.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36687",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-11T11:15:08.737",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:21:13.220",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dontdream:menubar:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "5.8.2",
"matchCriteriaId": "CC18EE8A-63E5-4592-B999-A1AC576186BA"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/menubar/wordpress-menubar-plugin-5-8-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-366xx/CVE-2023-36690.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36690",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-11T13:15:10.173",
"lastModified": "2023-07-11T14:27:23.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T19:16:44.627",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vibethemes:wordpress_learning_management_system_:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.900",
"matchCriteriaId": "8E9B4AA5-124B-4123-83D3-B25B5B7B99DB"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wplms/wordpress-wplms-theme-4-600-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-366xx/CVE-2023-36693.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36693",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-11T10:15:10.963",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T16:46:25.593",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp_rss_images_project:wp_rss_images:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1",
"matchCriteriaId": "32A2BBE2-A2BD-459C-B87B-3656BA1CEEE2"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-rss-images/wordpress-wp-rss-images-plugin-1-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

349
CVE-2023/CVE-2023-367xx/CVE-2023-36748.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36748",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-07-11T10:15:11.033",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T16:40:40.913",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 5.2
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-326"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,323 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "B70C9A14-F31D-452F-8F7E-368E1ED7165C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD1B18F-9C37-48CC-92E2-9C5E66B206CB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000re_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "C095D9B0-79A3-44A7-9683-B8DEF689D65F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38734DFA-A5DF-4284-BD79-7C0ED6CD8A5C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "3A0D1757-6A48-4C53-877A-947CDDD67793"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12BD4008-DB6A-4749-A426-D2DE44819A9D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "957788AA-B685-42B6-8BE9-B61D20B68144"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E79B422-C844-411C-AA49-CFD73D3C6E2D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "02E80465-DCD4-4CEB-AB5C-DFD86A5DB2E8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53AAEC5C-06EE-4C58-A981-EBF5860CEF16"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "BEC2AF9C-52CA-48FF-A4CD-C042EF225000"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0751225A-6E9C-4281-93A4-A048920FF7C6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "D0889DDD-C18A-4605-907C-0AAC4362FC94"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C1E56ED-1E61-4B7E-8EC0-BB2AAD57EF7B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "FA09F789-1903-4487-A108-684EA9423F32"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41ADD701-AD49-46B2-A12E-219CCED32298"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1524_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "76CF386C-0665-401C-9E5F-D3A89E6C2847"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C70D90-E8FA-4343-9027-152A99D79C82"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1536_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "A813AC2B-2F29-45D7-AB27-657A36399F80"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1536:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1775F3B-6F47-4134-8B4E-CF6337FF546C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "6AF925B2-B147-4CB0-8789-D68C38135BEE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E0E33F2-E89B-4008-BED2-CF2296801078"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
}
]
}

349
CVE-2023/CVE-2023-367xx/CVE-2023-36749.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36749",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-07-11T10:15:11.103",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T16:57:14.643",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,323 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "B70C9A14-F31D-452F-8F7E-368E1ED7165C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD1B18F-9C37-48CC-92E2-9C5E66B206CB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000re_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "C095D9B0-79A3-44A7-9683-B8DEF689D65F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38734DFA-A5DF-4284-BD79-7C0ED6CD8A5C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "3A0D1757-6A48-4C53-877A-947CDDD67793"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12BD4008-DB6A-4749-A426-D2DE44819A9D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "957788AA-B685-42B6-8BE9-B61D20B68144"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E79B422-C844-411C-AA49-CFD73D3C6E2D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "02E80465-DCD4-4CEB-AB5C-DFD86A5DB2E8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53AAEC5C-06EE-4C58-A981-EBF5860CEF16"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "BEC2AF9C-52CA-48FF-A4CD-C042EF225000"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0751225A-6E9C-4281-93A4-A048920FF7C6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "D0889DDD-C18A-4605-907C-0AAC4362FC94"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C1E56ED-1E61-4B7E-8EC0-BB2AAD57EF7B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "FA09F789-1903-4487-A108-684EA9423F32"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41ADD701-AD49-46B2-A12E-219CCED32298"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1524_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "76CF386C-0665-401C-9E5F-D3A89E6C2847"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C70D90-E8FA-4343-9027-152A99D79C82"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1536_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "A813AC2B-2F29-45D7-AB27-657A36399F80"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1536:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1775F3B-6F47-4134-8B4E-CF6337FF546C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "6AF925B2-B147-4CB0-8789-D68C38135BEE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E0E33F2-E89B-4008-BED2-CF2296801078"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
}
]
}

349
CVE-2023/CVE-2023-367xx/CVE-2023-36750.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36750",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-07-11T10:15:11.170",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:28:19.370",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,323 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "B70C9A14-F31D-452F-8F7E-368E1ED7165C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD1B18F-9C37-48CC-92E2-9C5E66B206CB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000re_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "C095D9B0-79A3-44A7-9683-B8DEF689D65F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38734DFA-A5DF-4284-BD79-7C0ED6CD8A5C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "3A0D1757-6A48-4C53-877A-947CDDD67793"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12BD4008-DB6A-4749-A426-D2DE44819A9D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "957788AA-B685-42B6-8BE9-B61D20B68144"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E79B422-C844-411C-AA49-CFD73D3C6E2D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "02E80465-DCD4-4CEB-AB5C-DFD86A5DB2E8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53AAEC5C-06EE-4C58-A981-EBF5860CEF16"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "BEC2AF9C-52CA-48FF-A4CD-C042EF225000"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0751225A-6E9C-4281-93A4-A048920FF7C6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "D0889DDD-C18A-4605-907C-0AAC4362FC94"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C1E56ED-1E61-4B7E-8EC0-BB2AAD57EF7B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "FA09F789-1903-4487-A108-684EA9423F32"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41ADD701-AD49-46B2-A12E-219CCED32298"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1524_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "76CF386C-0665-401C-9E5F-D3A89E6C2847"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C70D90-E8FA-4343-9027-152A99D79C82"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1536_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "A813AC2B-2F29-45D7-AB27-657A36399F80"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1536:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1775F3B-6F47-4134-8B4E-CF6337FF546C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "6AF925B2-B147-4CB0-8789-D68C38135BEE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E0E33F2-E89B-4008-BED2-CF2296801078"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
}
]
}

349
CVE-2023/CVE-2023-367xx/CVE-2023-36751.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36751",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-07-11T10:15:11.233",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:34:49.170",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,323 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "B70C9A14-F31D-452F-8F7E-368E1ED7165C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD1B18F-9C37-48CC-92E2-9C5E66B206CB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000re_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "C095D9B0-79A3-44A7-9683-B8DEF689D65F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38734DFA-A5DF-4284-BD79-7C0ED6CD8A5C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "3A0D1757-6A48-4C53-877A-947CDDD67793"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12BD4008-DB6A-4749-A426-D2DE44819A9D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "957788AA-B685-42B6-8BE9-B61D20B68144"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E79B422-C844-411C-AA49-CFD73D3C6E2D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "02E80465-DCD4-4CEB-AB5C-DFD86A5DB2E8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53AAEC5C-06EE-4C58-A981-EBF5860CEF16"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "BEC2AF9C-52CA-48FF-A4CD-C042EF225000"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0751225A-6E9C-4281-93A4-A048920FF7C6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "D0889DDD-C18A-4605-907C-0AAC4362FC94"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C1E56ED-1E61-4B7E-8EC0-BB2AAD57EF7B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "FA09F789-1903-4487-A108-684EA9423F32"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41ADD701-AD49-46B2-A12E-219CCED32298"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1524_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "76CF386C-0665-401C-9E5F-D3A89E6C2847"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C70D90-E8FA-4343-9027-152A99D79C82"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1536_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "A813AC2B-2F29-45D7-AB27-657A36399F80"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1536:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1775F3B-6F47-4134-8B4E-CF6337FF546C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "6AF925B2-B147-4CB0-8789-D68C38135BEE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E0E33F2-E89B-4008-BED2-CF2296801078"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
}
]
}

349
CVE-2023/CVE-2023-367xx/CVE-2023-36752.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36752",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-07-11T10:15:11.297",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:36:28.237",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,323 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "B70C9A14-F31D-452F-8F7E-368E1ED7165C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD1B18F-9C37-48CC-92E2-9C5E66B206CB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000re_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "C095D9B0-79A3-44A7-9683-B8DEF689D65F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38734DFA-A5DF-4284-BD79-7C0ED6CD8A5C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "3A0D1757-6A48-4C53-877A-947CDDD67793"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12BD4008-DB6A-4749-A426-D2DE44819A9D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "957788AA-B685-42B6-8BE9-B61D20B68144"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E79B422-C844-411C-AA49-CFD73D3C6E2D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "02E80465-DCD4-4CEB-AB5C-DFD86A5DB2E8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53AAEC5C-06EE-4C58-A981-EBF5860CEF16"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "BEC2AF9C-52CA-48FF-A4CD-C042EF225000"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0751225A-6E9C-4281-93A4-A048920FF7C6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "D0889DDD-C18A-4605-907C-0AAC4362FC94"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C1E56ED-1E61-4B7E-8EC0-BB2AAD57EF7B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "FA09F789-1903-4487-A108-684EA9423F32"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41ADD701-AD49-46B2-A12E-219CCED32298"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1524_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "76CF386C-0665-401C-9E5F-D3A89E6C2847"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C70D90-E8FA-4343-9027-152A99D79C82"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1536_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "A813AC2B-2F29-45D7-AB27-657A36399F80"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1536:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1775F3B-6F47-4134-8B4E-CF6337FF546C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "6AF925B2-B147-4CB0-8789-D68C38135BEE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E0E33F2-E89B-4008-BED2-CF2296801078"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
}
]
}

349
CVE-2023/CVE-2023-367xx/CVE-2023-36753.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36753",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-07-11T10:15:11.360",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:39:45.780",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,323 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "B70C9A14-F31D-452F-8F7E-368E1ED7165C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD1B18F-9C37-48CC-92E2-9C5E66B206CB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000re_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "C095D9B0-79A3-44A7-9683-B8DEF689D65F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38734DFA-A5DF-4284-BD79-7C0ED6CD8A5C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "3A0D1757-6A48-4C53-877A-947CDDD67793"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12BD4008-DB6A-4749-A426-D2DE44819A9D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "957788AA-B685-42B6-8BE9-B61D20B68144"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E79B422-C844-411C-AA49-CFD73D3C6E2D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "02E80465-DCD4-4CEB-AB5C-DFD86A5DB2E8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53AAEC5C-06EE-4C58-A981-EBF5860CEF16"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "BEC2AF9C-52CA-48FF-A4CD-C042EF225000"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0751225A-6E9C-4281-93A4-A048920FF7C6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "D0889DDD-C18A-4605-907C-0AAC4362FC94"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C1E56ED-1E61-4B7E-8EC0-BB2AAD57EF7B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "FA09F789-1903-4487-A108-684EA9423F32"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41ADD701-AD49-46B2-A12E-219CCED32298"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1524_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "76CF386C-0665-401C-9E5F-D3A89E6C2847"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C70D90-E8FA-4343-9027-152A99D79C82"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1536_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "A813AC2B-2F29-45D7-AB27-657A36399F80"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1536:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1775F3B-6F47-4134-8B4E-CF6337FF546C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "6AF925B2-B147-4CB0-8789-D68C38135BEE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E0E33F2-E89B-4008-BED2-CF2296801078"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
}
]
}

349
CVE-2023/CVE-2023-367xx/CVE-2023-36754.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36754",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-07-11T10:15:11.427",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-18T18:48:34.160",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,323 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "B70C9A14-F31D-452F-8F7E-368E1ED7165C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD1B18F-9C37-48CC-92E2-9C5E66B206CB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000re_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "C095D9B0-79A3-44A7-9683-B8DEF689D65F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38734DFA-A5DF-4284-BD79-7C0ED6CD8A5C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "3A0D1757-6A48-4C53-877A-947CDDD67793"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12BD4008-DB6A-4749-A426-D2DE44819A9D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "957788AA-B685-42B6-8BE9-B61D20B68144"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E79B422-C844-411C-AA49-CFD73D3C6E2D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "02E80465-DCD4-4CEB-AB5C-DFD86A5DB2E8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53AAEC5C-06EE-4C58-A981-EBF5860CEF16"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "BEC2AF9C-52CA-48FF-A4CD-C042EF225000"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0751225A-6E9C-4281-93A4-A048920FF7C6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "D0889DDD-C18A-4605-907C-0AAC4362FC94"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C1E56ED-1E61-4B7E-8EC0-BB2AAD57EF7B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "FA09F789-1903-4487-A108-684EA9423F32"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41ADD701-AD49-46B2-A12E-219CCED32298"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1524_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "76CF386C-0665-401C-9E5F-D3A89E6C2847"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C70D90-E8FA-4343-9027-152A99D79C82"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx1536_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "A813AC2B-2F29-45D7-AB27-657A36399F80"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx1536:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1775F3B-6F47-4134-8B4E-CF6337FF546C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "6AF925B2-B147-4CB0-8789-D68C38135BEE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E0E33F2-E89B-4008-BED2-CF2296801078"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
}
]
}

Some files were not shown because too many files have changed in this diff Show More