admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-09-11T14:00:26.165387+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-09-11 14:00:29 +00:00
parent 085d814b0b
commit 572e21d234
46 changed files with 2009 additions and 155 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
CVE-2023/CVE-2023-275xx/CVE-2023-27523.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27523",
"sourceIdentifier": "security@apache.org",
"published": "2023-09-06T13:15:08.017",
"lastModified": "2023-09-07T01:10:21.083",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-11T13:46:08.797",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@apache.org",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.1.0",
"matchCriteriaId": "A5C7318E-1118-457F-A2BC-8B9400AE7C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/3y97nmwm956b6zg3l8dh9oj0w7dj945h",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
}
]
}

59
CVE-2023/CVE-2023-275xx/CVE-2023-27526.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27526",
"sourceIdentifier": "security@apache.org",
"published": "2023-09-06T13:15:08.300",
"lastModified": "2023-09-07T01:10:21.083",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-11T13:46:43.207",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@apache.org",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "security@apache.org",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,12 +64,43 @@
"value": "CWE-863"
}
]
},
{
"source": "security@apache.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.1.0",
"matchCriteriaId": "A5C7318E-1118-457F-A2BC-8B9400AE7C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/ndww89yl2jd98lvn23n9cj722lfdg8dv",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
}
]
}

6
CVE-2023/CVE-2023-285xx/CVE-2023-28538.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28538",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:13.113",
"lastModified": "2023-09-08T18:14:46.540",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-11T13:02:29.710",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -61,7 +61,7 @@
"description": [
{
"lang": "en",
"value": "CWE-119"
"value": "CWE-787"
}
]
}

119
CVE-2023/CVE-2023-311xx/CVE-2023-31188.json
View File

@ -2,31 +2,136 @@
"id": "CVE-2023-31188",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-09-06T10:15:13.183",
"lastModified": "2023-09-07T01:10:21.083",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-11T13:33:19.063",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer C50 firmware versions prior to 'Archer C50(JP)_V3_230505', Archer C55 firmware versions prior to 'Archer C55(JP)_V1_230506', and Archer C20 firmware versions prior to 'Archer C20(JP)_V1_230616'."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_c55_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "230506",
"matchCriteriaId": "4AF28B84-B90E-47B6-B2E8-F78CC909EEC0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_c55:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DE7FC0D-0A09-42F6-BA31-597D38208F61"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_c50_v3_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "230505",
"matchCriteriaId": "7B4081EE-A5EE-41E0-BA3F-39F1BE7799AC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_c50_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01EE9C6D-D758-4015-B197-545269BF2283"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU99392903/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-c20/v1/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-c50/v3/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-c55/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}
]
}

114
CVE-2023/CVE-2023-326xx/CVE-2023-32619.json
View File

@ -2,27 +2,129 @@
"id": "CVE-2023-32619",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-09-06T10:15:13.650",
"lastModified": "2023-09-07T01:10:21.083",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-11T13:35:49.373",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Archer C50 firmware versions prior to 'Archer C50(JP)_V3_230505' and Archer C55 firmware versions prior to 'Archer C55(JP)_V1_230506' use hard-coded credentials to login to the affected device, which may allow a network-adjacent unauthenticated attacker to execute an arbitrary OS command."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_c55_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "230506",
"matchCriteriaId": "4AF28B84-B90E-47B6-B2E8-F78CC909EEC0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_c55:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DE7FC0D-0A09-42F6-BA31-597D38208F61"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_c50_v3_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "230505",
"matchCriteriaId": "7B4081EE-A5EE-41E0-BA3F-39F1BE7799AC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_c50_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01EE9C6D-D758-4015-B197-545269BF2283"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU99392903/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-c50/v3/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-c55/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}
]
}

4
CVE-2023/CVE-2023-358xx/CVE-2023-35845.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35845",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-11T08:15:07.493",
"lastModified": "2023-09-11T08:15:07.493",
"vulnStatus": "Received",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

20
CVE-2023/CVE-2023-361xx/CVE-2023-36161.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-36161",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-11T13:15:24.947",
"lastModified": "2023-09-11T13:15:24.947",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Qubo Smart Plug 10A version HSP02_01_01_14_SYSTEM-10A, allows attackers to cause a denial of service (DoS) via Wi-Fi deauthentication."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Yashodhanvivek/Qubo_smart_switch_security_assessment/blob/main/Qubo_Smart_Plug_10A_Security_Assessment.pdf",
"source": "cve@mitre.org"
}
]
}

147
CVE-2023/CVE-2023-364xx/CVE-2023-36489.json
View File

@ -2,31 +2,164 @@
"id": "CVE-2023-36489",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-09-06T10:15:13.710",
"lastModified": "2023-09-07T01:10:21.083",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-11T13:36:35.507",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Multiple TP-LINK products allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: TL-WR802N firmware versions prior to 'TL-WR802N(JP)_V4_221008', TL-WR841N firmware versions prior to 'TL-WR841N(JP)_V14_230506', and TL-WR902AC firmware versions prior to 'TL-WR902AC(JP)_V3_230506'."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:tl-wr902ac_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "230506",
"matchCriteriaId": "3376E9AB-5749-4129-BF47-B9378E073B5A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:tl-wr902ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5541D281-8231-4724-BF9B-4E0FF61215A0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:tl-wr802n_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "221008",
"matchCriteriaId": "EC40A74F-6DCC-4DEB-A38F-D293BE80303F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:tl-wr802n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E1B4F55-1FCF-4557-A051-2EBC1414DD00"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:tl-wr841n_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "230506",
"matchCriteriaId": "93ED2916-46C6-43BE-A163-4AC82874869A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:tl-wr841n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD44582F-0CC5-4A71-8FE8-2BEF65EB717E"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU99392903/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/tl-wr802n/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/tl-wr841n/v14/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/tl-wr902ac/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}
]
}

4
CVE-2023/CVE-2023-36xx/CVE-2023-3612.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3612",
"sourceIdentifier": "incident@nbu.gov.sk",
"published": "2023-09-11T10:15:07.603",
"lastModified": "2023-09-11T10:15:07.603",
"vulnStatus": "Received",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

81
CVE-2023/CVE-2023-372xx/CVE-2023-37284.json
View File

@ -2,23 +2,94 @@
"id": "CVE-2023-37284",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-09-06T10:15:13.770",
"lastModified": "2023-09-07T01:10:21.083",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-11T13:39:06.927",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper authentication vulnerability in Archer C20 firmware versions prior to 'Archer C20(JP)_V1_230616' allows a network-adjacent unauthenticated attacker to execute an arbitrary OS command via a crafted request to bypass authentication."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_c20_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "230616",
"matchCriteriaId": "8ACB29AC-C8FF-44C0-AB62-3F7B62F2EAC7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_c20:1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D159009-CF48-4631-9139-5AB553B58018"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU99392903/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-c20/v1/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}
]
}

114
CVE-2023/CVE-2023-385xx/CVE-2023-38563.json
View File

@ -2,27 +2,129 @@
"id": "CVE-2023-38563",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-09-06T10:15:14.030",
"lastModified": "2023-09-07T01:10:21.083",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-11T13:39:23.730",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Archer C1200 firmware versions prior to 'Archer C1200(JP)_V2_230508' and Archer C9 firmware versions prior to 'Archer C9(JP)_V3_230508' allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_c1200_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "230508",
"matchCriteriaId": "C389ECDD-7BF0-4BF6-94AB-09BC0E1A8BEF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_c1200:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A981E118-B897-4B68-A1FB-379C803FD5DC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_c9_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "230508",
"matchCriteriaId": "ED0E2942-F39F-4A96-8FC0-A14225B58FA5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_c9:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18F528AA-045C-4111-BFD7-0597CC758E52"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU99392903/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-c1200/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-c9/v3/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}
]
}

81
CVE-2023/CVE-2023-385xx/CVE-2023-38568.json
View File

@ -2,23 +2,94 @@
"id": "CVE-2023-38568",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-09-06T10:15:14.273",
"lastModified": "2023-09-07T01:10:21.083",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-11T13:39:55.610",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Archer A10 firmware versions prior to 'Archer A10(JP)_V2_230504' allows a network-adjacent unauthenticated attacker to execute arbitrary OS commands."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_a10_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "230504",
"matchCriteriaId": "B5612D48-5BAD-440D-B684-172A6BF981FF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_a10:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D8B95AD-ED3B-4050-A1E9-D5F7A657D5CB"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU99392903/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-a10/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}
]
}

69
CVE-2023/CVE-2023-385xx/CVE-2023-38574.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-38574",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-09-05T09:15:08.037",
"lastModified": "2023-09-05T12:54:46.447",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-11T12:50:00.413",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Open redirect vulnerability in VI Web Client prior to 7.9.6 allows a remote unauthenticated attacker to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:i-pro:video_insight:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.9.6",
"matchCriteriaId": "823D3E01-7D44-4F00-B770-4E1FB0F5AA19"
}
]
}
]
}
],
"references": [
{
"url": "https://downloadvi.com/downloads/IPServer/v7.9/796232/v796232RN.pdf",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Release Notes"
]
},
{
"url": "https://jvn.jp/en/jp/JVN60140221/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
}
]
}

81
CVE-2023/CVE-2023-385xx/CVE-2023-38588.json
View File

@ -2,23 +2,94 @@
"id": "CVE-2023-38588",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-09-06T10:15:14.490",
"lastModified": "2023-09-07T01:10:21.083",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-11T13:40:16.047",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Archer C3150 firmware versions prior to 'Archer C3150(JP)_V2_230511' allows a network-adjacent authenticated attacker to execute arbitrary OS commands."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_c3150_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "230511",
"matchCriteriaId": "9DF6A4B7-C5FC-4107-BFC3-BA6AB03AED15"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_c3150:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "824535E7-66E1-4776-BA64-D95A128512C4"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU99392903/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-c3150/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}
]
}

81
CVE-2023/CVE-2023-392xx/CVE-2023-39224.json
View File

@ -2,23 +2,94 @@
"id": "CVE-2023-39224",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-09-06T10:15:14.587",
"lastModified": "2023-09-07T01:10:21.083",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-11T13:40:42.273",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Archer C5 firmware all versions and Archer C7 firmware versions prior to 'Archer C7(JP)_V2_230602' allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Note that Archer C5 is no longer supported, therefore the update for this product is not provided."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_c7_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "230602",
"matchCriteriaId": "8F37BD5C-4B5B-4DB2-81DB-249D53A3CD43"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_c7:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27AE1E18-D939-4DB3-984A-85CB4962861C"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU99392903/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-c7/v2/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}
]
}

144
CVE-2023/CVE-2023-392xx/CVE-2023-39266.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39266",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-08-29T20:15:09.637",
"lastModified": "2023-08-29T20:41:07.003",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-11T13:38:57.110",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security-alert@hpe.com",
"type": "Secondary",
@ -34,10 +54,128 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hpe:arubaos-switch:*:*:*:*:*:*:*:*",
"versionEndExcluding": "a.15.16.0026",
"matchCriteriaId": "6EF6288C-3E1F-4E2F-BDE2-319E6774F1BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hpe:arubaos-switch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.01.0000",
"versionEndExcluding": "16.04.0027",
"matchCriteriaId": "D421C423-B11A-43F0-A0E9-9ABD0CC3E7A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hpe:arubaos-switch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.05.0000",
"versionEndExcluding": "16.08.0027",
"matchCriteriaId": "90E95208-9E6A-4A27-91EF-EFF9EBB5CDF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hpe:arubaos-switch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.10.0001",
"versionEndExcluding": "16.10.0024",
"matchCriteriaId": "3A977A83-A7F4-4FE7-9AC9-5584801CC039"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hpe:arubaos-switch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.11.0001",
"versionEndExcluding": "16.11.0013",
"matchCriteriaId": "EF10EBA8-E257-4E81-8B5A-04E643FD27F4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_2530:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA0DC0DE-5F4A-4D2A-AFCA-E36A103D5A6E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_2530ya:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8251986-B9F2-4345-A4D7-EB3737F12AE0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_2530yb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D7A8F42-55C8-4A2B-8A34-1B1B8BE3BEDF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_2540:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDEDD15E-289E-4B15-8620-547EA19CAEE7"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_2920:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1782D4A-AD68-4BD2-8453-EE22BCF2DC99"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_2930f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C4FCD2-BB70-4848-B08A-223B5C3467BB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_2930m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2561E158-FB61-4FFD-B680-DADF7BC2C6D1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_3810m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3CE933B-68BA-45BA-81BD-95D873B858B1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_5406r_zl2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E982204-9ADC-4242-86C2-A407D6EA7DB0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_5412r_zl2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8549CD94-50E2-4615-94C2-D76FADFBA3AC"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-013.txt",
"source": "security-alert@hpe.com"
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

144
CVE-2023/CVE-2023-392xx/CVE-2023-39267.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39267",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-08-29T20:15:09.743",
"lastModified": "2023-08-29T20:41:07.003",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-11T13:52:50.330",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-alert@hpe.com",
"type": "Secondary",
@ -34,10 +54,128 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hpe:arubaos-switch:*:*:*:*:*:*:*:*",
"versionEndExcluding": "a.15.16.0026",
"matchCriteriaId": "6EF6288C-3E1F-4E2F-BDE2-319E6774F1BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hpe:arubaos-switch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.01.0000",
"versionEndExcluding": "16.04.0027",
"matchCriteriaId": "D421C423-B11A-43F0-A0E9-9ABD0CC3E7A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hpe:arubaos-switch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.05.0000",
"versionEndExcluding": "16.08.0027",
"matchCriteriaId": "90E95208-9E6A-4A27-91EF-EFF9EBB5CDF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hpe:arubaos-switch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.10.0001",
"versionEndExcluding": "16.10.0024",
"matchCriteriaId": "3A977A83-A7F4-4FE7-9AC9-5584801CC039"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hpe:arubaos-switch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.11.0001",
"versionEndExcluding": "16.11.0013",
"matchCriteriaId": "EF10EBA8-E257-4E81-8B5A-04E643FD27F4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_2530:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA0DC0DE-5F4A-4D2A-AFCA-E36A103D5A6E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_2530ya:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8251986-B9F2-4345-A4D7-EB3737F12AE0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_2530yb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D7A8F42-55C8-4A2B-8A34-1B1B8BE3BEDF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_2540:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDEDD15E-289E-4B15-8620-547EA19CAEE7"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_2920:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1782D4A-AD68-4BD2-8453-EE22BCF2DC99"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_2930f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C4FCD2-BB70-4848-B08A-223B5C3467BB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_2930m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2561E158-FB61-4FFD-B680-DADF7BC2C6D1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_3810m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3CE933B-68BA-45BA-81BD-95D873B858B1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_5406r_zl2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E982204-9ADC-4242-86C2-A407D6EA7DB0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_5412r_zl2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8549CD94-50E2-4615-94C2-D76FADFBA3AC"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-013.txt",
"source": "security-alert@hpe.com"
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

144
CVE-2023/CVE-2023-392xx/CVE-2023-39268.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39268",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-08-29T20:15:09.830",
"lastModified": "2023-08-29T20:41:07.003",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-11T13:59:16.787",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security-alert@hpe.com",
"type": "Secondary",
@ -34,10 +54,128 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hpe:arubaos-switch:*:*:*:*:*:*:*:*",
"versionEndExcluding": "a.15.16.0026",
"matchCriteriaId": "6EF6288C-3E1F-4E2F-BDE2-319E6774F1BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hpe:arubaos-switch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.01.0000",
"versionEndExcluding": "16.04.0027",
"matchCriteriaId": "D421C423-B11A-43F0-A0E9-9ABD0CC3E7A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hpe:arubaos-switch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.05.0000",
"versionEndExcluding": "16.08.0027",
"matchCriteriaId": "90E95208-9E6A-4A27-91EF-EFF9EBB5CDF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hpe:arubaos-switch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.10.0001",
"versionEndExcluding": "16.10.0024",
"matchCriteriaId": "3A977A83-A7F4-4FE7-9AC9-5584801CC039"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hpe:arubaos-switch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.11.0001",
"versionEndExcluding": "16.11.0013",
"matchCriteriaId": "EF10EBA8-E257-4E81-8B5A-04E643FD27F4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_2530:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA0DC0DE-5F4A-4D2A-AFCA-E36A103D5A6E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_2530ya:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8251986-B9F2-4345-A4D7-EB3737F12AE0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_2530yb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D7A8F42-55C8-4A2B-8A34-1B1B8BE3BEDF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_2540:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDEDD15E-289E-4B15-8620-547EA19CAEE7"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_2920:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1782D4A-AD68-4BD2-8453-EE22BCF2DC99"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_2930f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C4FCD2-BB70-4848-B08A-223B5C3467BB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_2930m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2561E158-FB61-4FFD-B680-DADF7BC2C6D1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_3810m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3CE933B-68BA-45BA-81BD-95D873B858B1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_5406r_zl2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E982204-9ADC-4242-86C2-A407D6EA7DB0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:aruba_5412r_zl2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8549CD94-50E2-4615-94C2-D76FADFBA3AC"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-013.txt",
"source": "security-alert@hpe.com"
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

81
CVE-2023/CVE-2023-399xx/CVE-2023-39935.json
View File

@ -2,23 +2,94 @@
"id": "CVE-2023-39935",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-09-06T10:15:14.643",
"lastModified": "2023-09-07T01:10:21.083",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-11T13:41:11.193",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Archer C5400 firmware versions prior to 'Archer C5400(JP)_V2_230506' allows a network-adjacent authenticated attacker to execute arbitrary OS commands."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_c5400_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "230506",
"matchCriteriaId": "8FFB9EE1-3A2F-4CC1-A0D3-0F713D352B4A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_c5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21A6A32C-1B83-4B4B-BEFD-9B785D7FCD52"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU99392903/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-c5400/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}
]
}

4
CVE-2023/CVE-2023-400xx/CVE-2023-40039.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40039",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-11T07:15:08.123",
"lastModified": "2023-09-11T07:15:08.123",
"vulnStatus": "Received",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-400xx/CVE-2023-40040.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40040",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-11T06:15:43.830",
"lastModified": "2023-09-11T06:15:43.830",
"vulnStatus": "Received",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

81
CVE-2023/CVE-2023-401xx/CVE-2023-40193.json
View File

@ -2,23 +2,94 @@
"id": "CVE-2023-40193",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-09-06T10:15:14.697",
"lastModified": "2023-09-07T01:10:21.083",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-11T13:41:36.760",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Deco M4 firmware versions prior to 'Deco M4(JP)_V2_1.5.8 Build 20230619' allows a network-adjacent authenticated attacker to execute arbitrary OS commands."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:deco_m4_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.5.8",
"matchCriteriaId": "1C911A31-E31C-424A-8CAC-87CB7277BCB3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:deco_m4:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E129FC-090F-422D-89CB-AE537FEDA708"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU99392903/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/deco-m4/v2/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}
]
}

180
CVE-2023/CVE-2023-403xx/CVE-2023-40357.json
View File

@ -2,35 +2,199 @@
"id": "CVE-2023-40357",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-09-06T10:15:14.820",
"lastModified": "2023-09-07T01:10:21.083",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-11T13:42:13.197",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer AX50 firmware versions prior to 'Archer AX50(JP)_V1_230529', Archer A10 firmware versions prior to 'Archer A10(JP)_V2_230504', Archer AX10 firmware versions prior to 'Archer AX10(JP)_V1.2_230508', and Archer AX11000 firmware versions prior to 'Archer AX11000(JP)_V1_230523'."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_ax50_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "230529",
"matchCriteriaId": "6FED5A58-CE05-4048-AD76-985B28F1E059"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_ax50:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CAFA093D-FBF5-4B8D-87FD-DA09B0EEF9C8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_a10_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "230504",
"matchCriteriaId": "DC497214-6875-43D7-A8FB-9E6B2D307DE9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_a10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "617EFAC4-CAB1-41FB-BC30-29ED4A84D74A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_ax10_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "230508",
"matchCriteriaId": "3DC73D06-13CF-47C5-81C4-37C8348CED43"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_ax10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "307B80ED-EEBB-4378-ADA3-B9E821AA3B36"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_ax11000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "230523",
"matchCriteriaId": "A5D83433-6BAB-42DB-A0DB-F4C95F7E7BDE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_ax11000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75171CD1-0D58-472F-AA60-A990FCA157DA"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU99392903/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-a10/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-ax10/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-ax11000/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-ax50/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}
]
}

81
CVE-2023/CVE-2023-405xx/CVE-2023-40531.json
View File

@ -2,23 +2,94 @@
"id": "CVE-2023-40531",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-09-06T10:15:15.097",
"lastModified": "2023-09-07T01:10:21.083",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-11T13:42:39.903",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Archer AX6000 firmware versions prior to 'Archer AX6000(JP)_V1_1.3.0 Build 20221208' allows a network-adjacent authenticated attacker to execute arbitrary OS commands."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_ax6000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.3.0",
"matchCriteriaId": "6E490D46-4F1A-4BCF-8519-68FE647BBC1B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_ax6000:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "800AD82D-B7F1-4497-A072-A9ACC1A4775E"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU99392903/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-ax6000/v1/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}
]
}

4
CVE-2023/CVE-2023-41xx/CVE-2023-4104.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4104",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-09-11T09:15:08.997",
"lastModified": "2023-09-11T09:15:08.997",
"vulnStatus": "Received",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-424xx/CVE-2023-42467.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42467",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-11T04:15:10.720",
"lastModified": "2023-09-11T04:15:10.720",
"vulnStatus": "Received",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-424xx/CVE-2023-42470.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42470",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-11T08:15:07.647",
"lastModified": "2023-09-11T08:15:07.647",
"vulnStatus": "Received",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-424xx/CVE-2023-42471.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42471",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-11T08:15:07.703",
"lastModified": "2023-09-11T08:15:07.703",
"vulnStatus": "Received",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-45xx/CVE-2023-4573.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4573",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-09-11T08:15:07.847",
"lastModified": "2023-09-11T08:15:07.847",
"vulnStatus": "Received",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-45xx/CVE-2023-4574.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4574",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-09-11T09:15:09.087",
"lastModified": "2023-09-11T09:15:09.087",
"vulnStatus": "Received",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-45xx/CVE-2023-4575.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4575",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-09-11T09:15:09.143",
"lastModified": "2023-09-11T09:15:09.143",
"vulnStatus": "Received",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-45xx/CVE-2023-4576.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4576",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-09-11T09:15:09.217",
"lastModified": "2023-09-11T09:15:09.217",
"vulnStatus": "Received",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-45xx/CVE-2023-4577.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4577",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-09-11T09:15:09.287",
"lastModified": "2023-09-11T09:15:09.287",
"vulnStatus": "Received",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-45xx/CVE-2023-4578.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4578",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-09-11T09:15:09.347",
"lastModified": "2023-09-11T09:15:09.347",
"vulnStatus": "Received",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-45xx/CVE-2023-4579.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4579",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-09-11T09:15:09.407",
"lastModified": "2023-09-11T09:15:09.407",
"vulnStatus": "Received",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-45xx/CVE-2023-4580.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4580",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-09-11T09:15:09.477",
"lastModified": "2023-09-11T09:15:09.477",
"vulnStatus": "Received",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-45xx/CVE-2023-4581.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4581",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-09-11T09:15:09.550",
"lastModified": "2023-09-11T09:15:09.550",
"vulnStatus": "Received",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-45xx/CVE-2023-4582.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4582",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-09-11T09:15:09.617",
"lastModified": "2023-09-11T09:15:09.617",
"vulnStatus": "Received",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-45xx/CVE-2023-4583.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4583",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-09-11T09:15:09.680",
"lastModified": "2023-09-11T09:15:09.680",
"vulnStatus": "Received",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-45xx/CVE-2023-4584.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4584",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-09-11T09:15:09.740",
"lastModified": "2023-09-11T09:15:09.740",
"vulnStatus": "Received",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-45xx/CVE-2023-4585.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4585",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-09-11T09:15:09.797",
"lastModified": "2023-09-11T09:15:09.797",
"vulnStatus": "Received",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

61
CVE-2023/CVE-2023-45xx/CVE-2023-4588.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4588",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-09-06T12:15:07.827",
"lastModified": "2023-09-07T01:10:21.083",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-11T13:44:02.943",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-552"
}
]
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -46,10 +76,35 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:delinea:secret_server:10.9.000002:*:*:*:*:*:*:*",
"matchCriteriaId": "0549C65A-06F9-41D4-BF9C-D303A8BC578C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:delinea:secret_server:11.4.000002:*:*:*:*:*:*:*",
"matchCriteriaId": "26B9E59F-98C5-4AAE-B0BD-418B8D7EC723"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-delinea-secret-server",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-45xx/CVE-2023-4589.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4589",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-09-06T12:15:07.967",
"lastModified": "2023-09-07T01:10:21.083",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-11T13:44:47.663",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-345"
}
]
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -46,10 +76,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:delinea:secret_server:10.9.000002:*:*:*:*:*:*:*",
"matchCriteriaId": "0549C65A-06F9-41D4-BF9C-D303A8BC578C"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-delinea-secret-server",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

50
CVE-2023/CVE-2023-46xx/CVE-2023-4634.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4634",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-09-06T09:15:08.873",
"lastModified": "2023-09-07T01:10:21.083",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-11T13:29:41.373",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,26 +46,62 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:davidlingren:media_library_assistant:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.10",
"matchCriteriaId": "5C1D11EB-8D81-458F-972A-2143B2D66FB7"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Patrowl/CVE-2023-4634/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://packetstormsecurity.com/files/174508/wpmla309-lfiexec.tgz",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://patrowl.io/blog-wordpress-media-library-rce-cve-2023-4634/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2955933%40media-library-assistant&new=2955933%40media-library-assistant&sfp_email=&sfph_mail=#file4",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/05c68377-feb6-442d-a3a0-1fbc246c7cbf?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-48xx/CVE-2023-4816.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4816",
"sourceIdentifier": "cybersecurity@hitachienergy.com",
"published": "2023-09-11T08:15:07.917",
"lastModified": "2023-09-11T08:15:07.917",
"vulnStatus": "Received",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

35
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-09-11T12:00:26.438117+00:00
2023-09-11T14:00:26.165387+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-09-11T10:15:07.603000+00:00
2023-09-11T13:59:16.787000+00:00
```
### Last Data Feed Release
@ -29,20 +29,45 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
224589
224590
```
### CVEs added in the last Commit
Recently added CVEs: `1`
* [CVE-2023-3612](CVE-2023/CVE-2023-36xx/CVE-2023-3612.json) (`2023-09-11T10:15:07.603`)
* [CVE-2023-36161](CVE-2023/CVE-2023-361xx/CVE-2023-36161.json) (`2023-09-11T13:15:24.947`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `44`
* [CVE-2023-4584](CVE-2023/CVE-2023-45xx/CVE-2023-4584.json) (`2023-09-11T12:41:46.007`)
* [CVE-2023-4585](CVE-2023/CVE-2023-45xx/CVE-2023-4585.json) (`2023-09-11T12:41:46.007`)
* [CVE-2023-3612](CVE-2023/CVE-2023-36xx/CVE-2023-3612.json) (`2023-09-11T12:41:46.007`)
* [CVE-2023-38574](CVE-2023/CVE-2023-385xx/CVE-2023-38574.json) (`2023-09-11T12:50:00.413`)
* [CVE-2023-28538](CVE-2023/CVE-2023-285xx/CVE-2023-28538.json) (`2023-09-11T13:02:29.710`)
* [CVE-2023-4634](CVE-2023/CVE-2023-46xx/CVE-2023-4634.json) (`2023-09-11T13:29:41.373`)
* [CVE-2023-31188](CVE-2023/CVE-2023-311xx/CVE-2023-31188.json) (`2023-09-11T13:33:19.063`)
* [CVE-2023-32619](CVE-2023/CVE-2023-326xx/CVE-2023-32619.json) (`2023-09-11T13:35:49.373`)
* [CVE-2023-36489](CVE-2023/CVE-2023-364xx/CVE-2023-36489.json) (`2023-09-11T13:36:35.507`)
* [CVE-2023-39266](CVE-2023/CVE-2023-392xx/CVE-2023-39266.json) (`2023-09-11T13:38:57.110`)
* [CVE-2023-37284](CVE-2023/CVE-2023-372xx/CVE-2023-37284.json) (`2023-09-11T13:39:06.927`)
* [CVE-2023-38563](CVE-2023/CVE-2023-385xx/CVE-2023-38563.json) (`2023-09-11T13:39:23.730`)
* [CVE-2023-38568](CVE-2023/CVE-2023-385xx/CVE-2023-38568.json) (`2023-09-11T13:39:55.610`)
* [CVE-2023-38588](CVE-2023/CVE-2023-385xx/CVE-2023-38588.json) (`2023-09-11T13:40:16.047`)
* [CVE-2023-39224](CVE-2023/CVE-2023-392xx/CVE-2023-39224.json) (`2023-09-11T13:40:42.273`)
* [CVE-2023-39935](CVE-2023/CVE-2023-399xx/CVE-2023-39935.json) (`2023-09-11T13:41:11.193`)
* [CVE-2023-40193](CVE-2023/CVE-2023-401xx/CVE-2023-40193.json) (`2023-09-11T13:41:36.760`)
* [CVE-2023-40357](CVE-2023/CVE-2023-403xx/CVE-2023-40357.json) (`2023-09-11T13:42:13.197`)
* [CVE-2023-40531](CVE-2023/CVE-2023-405xx/CVE-2023-40531.json) (`2023-09-11T13:42:39.903`)
* [CVE-2023-4588](CVE-2023/CVE-2023-45xx/CVE-2023-4588.json) (`2023-09-11T13:44:02.943`)
* [CVE-2023-4589](CVE-2023/CVE-2023-45xx/CVE-2023-4589.json) (`2023-09-11T13:44:47.663`)
* [CVE-2023-27523](CVE-2023/CVE-2023-275xx/CVE-2023-27523.json) (`2023-09-11T13:46:08.797`)
* [CVE-2023-27526](CVE-2023/CVE-2023-275xx/CVE-2023-27526.json) (`2023-09-11T13:46:43.207`)
* [CVE-2023-39267](CVE-2023/CVE-2023-392xx/CVE-2023-39267.json) (`2023-09-11T13:52:50.330`)
* [CVE-2023-39268](CVE-2023/CVE-2023-392xx/CVE-2023-39268.json) (`2023-09-11T13:59:16.787`)
## Download and Usage