From 464c42dfcc575fb3f29cf11469052dda060f5e08 Mon Sep 17 00:00:00 2001
From: cad-safe-bot <cad-safe-bot@protonmail.com>
Date: Thu, 15 Jun 2023 12:00:29 +0000
Subject: [PATCH] Auto-Update: 2023-06-15T12:00:26.231765+00:00

---
 CVE-2023/CVE-2023-281xx/CVE-2023-28175.json | 55 +++++++++++++++++++++
 CVE-2023/CVE-2023-322xx/CVE-2023-32229.json | 55 +++++++++++++++++++++
 README.md                                   | 15 +++---
 3 files changed, 117 insertions(+), 8 deletions(-)
 create mode 100644 CVE-2023/CVE-2023-281xx/CVE-2023-28175.json
 create mode 100644 CVE-2023/CVE-2023-322xx/CVE-2023-32229.json

diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28175.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28175.json
new file mode 100644
index 00000000000..92e2d7e2a6f
--- /dev/null
+++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28175.json
@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-28175",
+  "sourceIdentifier": "psirt@bosch.com",
+  "published": "2023-06-15T11:15:09.227",
+  "lastModified": "2023-06-15T11:15:09.227",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "psirt@bosch.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 7.1,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 1.8,
+        "impactScore": 4.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "psirt@bosch.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-200"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-025794-bt.html",
+      "source": "psirt@bosch.com"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-322xx/CVE-2023-32229.json b/CVE-2023/CVE-2023-322xx/CVE-2023-32229.json
new file mode 100644
index 00000000000..eece0715e62
--- /dev/null
+++ b/CVE-2023/CVE-2023-322xx/CVE-2023-32229.json
@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-32229",
+  "sourceIdentifier": "psirt@bosch.com",
+  "published": "2023-06-15T11:15:09.347",
+  "lastModified": "2023-06-15T11:15:09.347",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Due to an error in the software interface to the secure element chip on Bosch IP cameras of family CPP13 and CPP14, the chip can be permanently damaged when enabling the Stream security option (signing of the video stream) with option MD5, SHA-1 or SHA-256."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "psirt@bosch.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 4.9,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "psirt@bosch.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-1246"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-435698-BT.html",
+      "source": "psirt@bosch.com"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/README.md b/README.md
index 03e33e8bde5..81c9536435d 100644
--- a/README.md
+++ b/README.md
@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2023-06-15T10:00:27.680029+00:00
+2023-06-15T12:00:26.231765+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2023-06-15T08:15:09.333000+00:00
+2023-06-15T11:15:09.347000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,22 +29,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-217809
+217811
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `1`
+Recently added CVEs: `2`
 
-* [CVE-2023-2847](CVE-2023/CVE-2023-28xx/CVE-2023-2847.json) (`2023-06-15T08:15:09.150`)
+* [CVE-2023-28175](CVE-2023/CVE-2023-281xx/CVE-2023-28175.json) (`2023-06-15T11:15:09.227`)
+* [CVE-2023-32229](CVE-2023/CVE-2023-322xx/CVE-2023-32229.json) (`2023-06-15T11:15:09.347`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `2`
+Recently modified CVEs: `0`
 
-* [CVE-2023-30575](CVE-2023/CVE-2023-305xx/CVE-2023-30575.json) (`2023-06-15T08:15:09.223`)
-* [CVE-2023-30776](CVE-2023/CVE-2023-307xx/CVE-2023-30776.json) (`2023-06-15T08:15:09.333`)
 
 
 ## Download and Usage