Auto-Update: 2025-01-02T03:00:19.574619+00:00

2025-05-08 11:37:26 +00:00 · 2025-01-02 03:03:44 +00:00 · 2025-01-02 03:03:44 +00:00 · 3be9a101d7
commit 3be9a101d7
parent 85420e2b0e
3 changed files with 24 additions and 12 deletions
--- a/CVE-2024/CVE-2024-130xx/CVE-2024-13061.json
+++ b/CVE-2024/CVE-2024-130xx/CVE-2024-13061.json
@ -2,20 +2,24 @@
  "id": "CVE-2024-13061",
  "sourceIdentifier": "twcert@cert.org.tw",
  "published": "2024-12-31T12:15:22.967",
-  "lastModified": "2024-12-31T12:15:22.967",
-  "vulnStatus": "Received",
+  "lastModified": "2025-01-02T02:15:19.897",
+  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Electronic Official Document Management System from 2100 Technology has an Authentication Bypass vulnerability. Although the product enforces an IP whitelist for the API used to query user tokens, unauthenticated remote attackers can still deceive the server to obtain tokens of arbitrary users, which can then be used to log into the system."
+    },
+    {
+      "lang": "es",
+      "value": "Electronic Official Document Management System de 2100 Technology tiene una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n. Aunque el producto aplica una lista blanca de direcciones IP para la API utilizada para consultar tokens de usuarios, los atacantes remotos no autenticados a\u00fan pueden enga\u00f1ar al servidor para obtener tokens de usuarios arbitrarios, que luego pueden usarse para iniciar sesi\u00f3n en el sistema."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "twcert@cert.org.tw",
-        "type": "Primary",
+        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
@ -38,7 +42,7 @@
  "weaknesses": [
    {
      "source": "twcert@cert.org.tw",
-      "type": "Primary",
+      "type": "Secondary",
      "description": [
        {
          "lang": "en",
@ -48,6 +52,14 @@
    }
  ],
  "references": [
+    {
+      "url": "https://www.chtsecurity.com/news/255984da-6630-4e25-ba9b-5ce6933935a6",
+      "source": "twcert@cert.org.tw"
+    },
+    {
+      "url": "https://www.chtsecurity.com/news/ade9e9af-61d0-4e3c-8aa0-e8524ee2cfbc",
+      "source": "twcert@cert.org.tw"
+    },
    {
      "url": "https://www.twcert.org.tw/en/cp-139-8340-d8b16-2.html",
      "source": "twcert@cert.org.tw"
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2025-01-01T15:00:19.939723+00:00
+2025-01-02T03:00:19.574619+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2025-01-01T14:15:23.590000+00:00
+2025-01-02T02:15:19.897000+00:00
 ```

 ### Last Data Feed Release
@ -27,7 +27,7 @@ Repository synchronizes with the NVD every 2 hours.
 Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)

 ```plain
-2025-01-01T01:00:04.352309+00:00
+2025-01-02T01:00:10.078674+00:00
 ```

 ### Total Number of included CVEs
@ -38,15 +38,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/

 ### CVEs added in the last Commit

-Recently added CVEs: `1`
+Recently added CVEs: `0`

- [CVE-2025-0168](CVE-2025/CVE-2025-01xx/CVE-2025-0168.json) (`2025-01-01T14:15:23.590`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `0`
+Recently modified CVEs: `1`

+- [CVE-2024-13061](CVE-2024/CVE-2024-130xx/CVE-2024-13061.json) (`2025-01-02T02:15:19.897`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -245307,7 +245307,7 @@ CVE-2024-13050,0,0,84109de165147e4a5232ee1fdc9c6d22162f7758c34e8757df3c209c53af5
 CVE-2024-13051,0,0,1be1ae94a61dba469e5e49f0e3a210eb507d631c9c82589acffd3c63211509af,2024-12-30T21:15:07.717000
 CVE-2024-13058,0,0,91396049ed5baf4a6f156f57d5990485463c9e52e997b4c7fdc31249002c7bf7,2024-12-30T22:15:05.957000
 CVE-2024-1306,0,0,0542247252f536db3d3f5f372f6b06cf8f9322e7de2b3d2f5040c13d3f80547b,2024-11-21T08:50:17.053000
-CVE-2024-13061,0,0,b03feaa2f4fc804226d0585c376accf3d822de2d58d31f55dfdc314d7922b688,2024-12-31T12:15:22.967000
+CVE-2024-13061,0,1,f0d229ddc53c34e4105e6b89d4e6cbe6fcae50e1fc38e3eb92bb7d84d07d1623,2025-01-02T02:15:19.897000
 CVE-2024-13067,0,0,e9d43e6d22a143227a87a6afa965695645cbe92ac8a9cc3c1dbae98beb301933,2024-12-31T16:15:25.280000
 CVE-2024-13069,0,0,59f5977c5ed98428bf813528205c28472dbe30bb8d317db36e1c6f0f99974166,2024-12-31T16:15:25.580000
 CVE-2024-1307,0,0,791d403fd6ce043b636953425f5891ef42986249387c4cd3003ec2c058fbc715,2024-11-21T08:50:17.233000
@ -275384,4 +275384,4 @@ CVE-2024-9996,0,0,433ba4c226a5a6d2212e25ce0b55b45b5a0aaae59192553eedeafbaec42bc6
 CVE-2024-9997,0,0,c951d1dfad7abcf434414a546a4fccad53052e3fa40c16bd73a8c37c97d5eba8,2024-11-01T16:27:34.960000
 CVE-2024-9998,0,0,0419a3dad23ae850906f2650ca4d40b180999b4a5d360bcc1b838f8893ae2af5,2024-11-12T11:15:03.840000
 CVE-2024-9999,0,0,cad7c92a380ae514b71a1dd06f3b79a139ea65cb773110d32be2b942d72ae5af,2024-11-13T17:01:58.603000
-CVE-2025-0168,1,1,fde79a3f95dbae8045d22c8e981cbdd84ae894d89db499f6872ba4edd67b57a4,2025-01-01T14:15:23.590000
+CVE-2025-0168,0,0,fde79a3f95dbae8045d22c8e981cbdd84ae894d89db499f6872ba4edd67b57a4,2025-01-01T14:15:23.590000