diff --git a/CVE-2024/CVE-2024-123xx/CVE-2024-12356.json b/CVE-2024/CVE-2024-123xx/CVE-2024-12356.json index 3002ec87a8c..745a56c4c4f 100644 --- a/CVE-2024/CVE-2024-123xx/CVE-2024-12356.json +++ b/CVE-2024/CVE-2024-123xx/CVE-2024-12356.json @@ -2,8 +2,8 @@ "id": "CVE-2024-12356", "sourceIdentifier": "13061848-ea10-403d-bd75-c83a022c2891", "published": "2024-12-17T05:15:06.413", - "lastModified": "2024-12-20T15:25:37.347", - "vulnStatus": "Analyzed", + "lastModified": "2025-02-17T21:15:10.327", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -132,6 +132,10 @@ "Third Party Advisory", "US Government Resource" ] + }, + { + "url": "https://attackerkb.com/topics/G5s8ZWAbYH/cve-2024-12356/rapid7-analysis", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-250xx/CVE-2024-25066.json b/CVE-2024/CVE-2024-250xx/CVE-2024-25066.json new file mode 100644 index 00000000000..3076dde9b71 --- /dev/null +++ b/CVE-2024/CVE-2024-250xx/CVE-2024-25066.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2024-25066", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-02-17T21:15:10.993", + "lastModified": "2025-02-17T21:15:10.993", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "RSA Authentication Manager before 8.7 SP2 Patch 1 allows XML External Entity (XXE) attacks via a license file, resulting in attacker-controlled files being stored on the product's server. Data exfiltration cannot occur." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-611" + } + ] + } + ], + "references": [ + { + "url": "https://community.rsa.com/s/advisories", + "source": "cve@mitre.org" + }, + { + "url": "https://community.rsa.com/s/article/RSA-Authentication-Manager-8-7-SP2-Patch-1-Readme", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/KaiwenTM/CVE_POC/blob/main/CVE-2024-25066.txt", + "source": "cve@mitre.org" + }, + { + "url": "https://www.rsa.com/en-us/company/vulnerability-response-policy", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index dbb7992b1bb..deb7f83bfa5 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-02-17T21:00:24.940202+00:00 +2025-02-17T23:00:21.063407+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-02-17T20:15:29.153000+00:00 +2025-02-17T21:15:10.993000+00:00 ``` ### Last Data Feed Release @@ -33,21 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -281558 +281559 ``` ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `1` -- [CVE-2021-30369](CVE-2021/CVE-2021-303xx/CVE-2021-30369.json) (`2025-02-17T20:15:29.153`) -- [CVE-2024-13837](CVE-2024/CVE-2024-138xx/CVE-2024-13837.json) (`2025-02-17T19:15:09.463`) +- [CVE-2024-25066](CVE-2024/CVE-2024-250xx/CVE-2024-25066.json) (`2025-02-17T21:15:10.993`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `1` +- [CVE-2024-12356](CVE-2024/CVE-2024-123xx/CVE-2024-12356.json) (`2025-02-17T21:15:10.327`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 43a12e858bd..6851d63f3b8 100644 --- a/_state.csv +++ b/_state.csv @@ -174823,7 +174823,7 @@ CVE-2021-30359,0,0,45da381242ddf6a750ff455768377f1e9abbcbfa0ec6324e419f42a9152e5 CVE-2021-3036,0,0,6e33e927274094139602ffb70cc09ea2cd2c0c7532dc595e71075ae930e50fd3,2024-11-21T06:20:48.537000 CVE-2021-30360,0,0,789dd492f8f8c9bb7bc4ab50980a037b8168edf4eb0a5684069c51fa1cb24577,2024-11-21T06:03:56.813000 CVE-2021-30361,0,0,7fc59497abcdd5100ad4bceb3b50b4fe7f231a406611ada15d7f88542993e415,2024-11-21T06:03:56.933000 -CVE-2021-30369,1,1,cbf77ce2fec165ba7b72418abfcab51446f4043fb6d4fb9042397bd3f831efa8,2025-02-17T20:15:29.153000 +CVE-2021-30369,0,0,cbf77ce2fec165ba7b72418abfcab51446f4043fb6d4fb9042397bd3f831efa8,2025-02-17T20:15:29.153000 CVE-2021-3037,0,0,82ace2bb5465a2bc59ca67bd95592af8dd2974b7280b15d2f67f82faa86f4df9,2024-11-21T06:20:48.697000 CVE-2021-3038,0,0,0ceaa1e1e95073b7f4583a620ae5b2ec5c1da3f18a3bf955a887e1f1f66c0e1c,2024-11-21T06:20:48.850000 CVE-2021-3039,0,0,ee946bc7ade2c61abbbbe422283fe799c98c1e20794c9d6df3fd3325ff2756a7,2024-11-21T06:20:49.050000 @@ -245611,7 +245611,7 @@ CVE-2024-12352,0,0,32f72a704f1e2542fc20de0d035c196da17ca0c575db05fe3835b61fbee7c CVE-2024-12353,0,0,036565fabbbc178396eb3e3c0305ad86dac517256d160df7657b090d3f9dd19d,2024-12-10T23:37:06.613000 CVE-2024-12354,0,0,b8e15a077e4c1a839cf8211dcd4deb8e8c4036fa20d487417d7ee12337ae44d8,2024-12-10T23:36:25.740000 CVE-2024-12355,0,0,27ba3231c85cb7bb230de2bfcb71ae509e2205da9b6afc6c150214b3cf17ceaf,2024-12-10T23:36:03.883000 -CVE-2024-12356,0,0,105dac76f068e0a7df26029c27e4dd4c6eb4193ba09a6f3d1c3ed5326b9fe200,2024-12-20T15:25:37.347000 +CVE-2024-12356,0,1,47f76c9ed5ff94ac227aa2822ba21f3a55581c6b79b266287bc2053f23d3f41a,2025-02-17T21:15:10.327000 CVE-2024-12357,0,0,48fcc186a0b90c08dc56b15842484729758da0392dc94d034d9fe9fdfb82ecb1,2024-12-10T23:35:15.660000 CVE-2024-12358,0,0,c693e0849f917c8e8b82ecbabaa009531cb87832861cfd247370c207501db351,2024-12-10T23:34:20.467000 CVE-2024-12359,0,0,c89d1a1aa75e792ebb41728457dc48f1f26a200ebabc2671ae04aee3d706d446,2024-12-10T23:34:02.110000 @@ -246722,7 +246722,7 @@ CVE-2024-13829,0,0,0eb68c1cd51e57e24834aa430c28539b9740e4aeaf2e4bf4d57d2d018e612 CVE-2024-1383,0,0,aa117bb4caae4c90c9ef562f3b17aec83c186c85e2ed83fcc25ce7b11090cff4,2024-11-21T08:50:27.733000 CVE-2024-13830,0,0,c6d7b41600cf06f096c92eda44ad4947ed0129124f061312ef644e59d67aa0f4,2025-02-13T17:09:11.660000 CVE-2024-13834,0,0,b3a753413a4c1c1c8fb1941598bdc1cadfaac89f934ae66577e6a8bb7cdc2403,2025-02-15T15:15:23.423000 -CVE-2024-13837,1,1,b186071e4ea62233d731f5821d490b3ab777186a5f4da25e22f6fedfafcbdd0c,2025-02-17T19:15:09.463000 +CVE-2024-13837,0,0,b186071e4ea62233d731f5821d490b3ab777186a5f4da25e22f6fedfafcbdd0c,2025-02-17T19:15:09.463000 CVE-2024-1384,0,0,f50cb0336a3fe51b62fe599c783d20749a5fb92b8e797d5c0ac36d466c13f7ad,2024-09-19T22:13:04.370000 CVE-2024-13841,0,0,42857531268142aae6c02637b3b6e7d79dd71736d6804136946d48ddaede14a2,2025-02-07T07:15:14.573000 CVE-2024-13842,0,0,955b2791810b1a10a02616a1134c790dde9472870ffb2ecef1b260eb338bf89c,2025-02-11T16:15:39.513000 @@ -251310,6 +251310,7 @@ CVE-2024-25062,0,0,33d5a68ef3b936424a736429c0cf52857e2954c9e23e61044543b96f4ce8f CVE-2024-25063,0,0,66e3d9769be4a072b3ce672f9896271f84fc3a46faea832786d65ef1b0821cb5,2024-11-21T09:00:10.580000 CVE-2024-25064,0,0,630189d4352af193613c5caf500a30b1ea966acedabfdb6b6c44c8c9c90ff2da,2024-11-21T09:00:10.703000 CVE-2024-25065,0,0,d9b3f95564df6ce5bbc93b83e6e400dfe73cd962c70fa49bcbdfa1f240e5106e,2025-02-13T18:17:13.343000 +CVE-2024-25066,1,1,cfe99037f8c60bf9e1eb92942e0cb294c42dc1bf159b970776555c22910844c2,2025-02-17T21:15:10.993000 CVE-2024-2507,0,0,d2bd12e43cb16137b76052767012daeeb5681b81f827ee8546e5b590614b4a24,2025-02-05T17:28:13.613000 CVE-2024-25073,0,0,b773096cbe22b7b2359c05c5b9b8c5d77df4ed93f4aca2b5ee2c4c6254770bbe,2024-12-04T21:15:22.230000 CVE-2024-25074,0,0,ceec7e26506d1c51c0a15b70554b53358fa1555c187d8abcdb06a9354ef81f73,2024-11-21T09:00:11.107000