Auto-Update: 2023-06-15T12:00:26.231765+00:00

2025-07-09 16:05:11 +00:00 · 2023-06-15 12:00:29 +00:00 · 2023-06-15 12:00:29 +00:00 · 464c42dfcc
commit 464c42dfcc
parent 2d8b34017f
3 changed files with 117 additions and 8 deletions
--- a/CVE-2023/CVE-2023-281xx/CVE-2023-28175.json
+++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28175.json
@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-28175",
+  "sourceIdentifier": "psirt@bosch.com",
+  "published": "2023-06-15T11:15:09.227",
+  "lastModified": "2023-06-15T11:15:09.227",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "psirt@bosch.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 7.1,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 1.8,
+        "impactScore": 4.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "psirt@bosch.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-200"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-025794-bt.html",
+      "source": "psirt@bosch.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-322xx/CVE-2023-32229.json
+++ b/CVE-2023/CVE-2023-322xx/CVE-2023-32229.json
@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-32229",
+  "sourceIdentifier": "psirt@bosch.com",
+  "published": "2023-06-15T11:15:09.347",
+  "lastModified": "2023-06-15T11:15:09.347",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Due to an error in the software interface to the secure element chip on Bosch IP cameras of family CPP13 and CPP14, the chip can be permanently damaged when enabling the Stream security option (signing of the video stream) with option MD5, SHA-1 or SHA-256."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "psirt@bosch.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 4.9,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "psirt@bosch.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-1246"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-435698-BT.html",
+      "source": "psirt@bosch.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-06-15T10:00:27.680029+00:00
+2023-06-15T12:00:26.231765+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-06-15T08:15:09.333000+00:00
+2023-06-15T11:15:09.347000+00:00
 ```

 ### Last Data Feed Release
@ -29,22 +29,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-217809
+217811
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `1`
+Recently added CVEs: `2`

-* [CVE-2023-2847](CVE-2023/CVE-2023-28xx/CVE-2023-2847.json) (`2023-06-15T08:15:09.150`)
+* [CVE-2023-28175](CVE-2023/CVE-2023-281xx/CVE-2023-28175.json) (`2023-06-15T11:15:09.227`)
+* [CVE-2023-32229](CVE-2023/CVE-2023-322xx/CVE-2023-32229.json) (`2023-06-15T11:15:09.347`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `2`
+Recently modified CVEs: `0`

-* [CVE-2023-30575](CVE-2023/CVE-2023-305xx/CVE-2023-30575.json) (`2023-06-15T08:15:09.223`)
-* [CVE-2023-30776](CVE-2023/CVE-2023-307xx/CVE-2023-30776.json) (`2023-06-15T08:15:09.333`)


 ## Download and Usage