Auto-Update: 2024-09-08T14:00:17.074471+00:00

CVE-2024/CVE-2024-423xx/CVE-2024-42334.json

@@ -2,100 +2,15 @@
   "id": "CVE-2024-42334",
   "sourceIdentifier": "cna@cyber.gov.il",
   "published": "2024-08-20T13:15:04.930",
-  "lastModified": "2024-08-21T15:59:56.493",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2024-09-08T12:15:09.880",
+  "vulnStatus": "Rejected",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
-      "value": "Hargal - CWE-284: Improper Access Control"
-    },
-    {
-      "lang": "es",
-      "value": "Hargal - CWE-284: Control de acceso inadecuado"
+      "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
     }
   ],
-  "metrics": {
-    "cvssMetricV31": [
-      {
-        "source": "nvd@nist.gov",
-        "type": "Primary",
-        "cvssData": {
-          "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
-          "attackVector": "NETWORK",
-          "attackComplexity": "LOW",
-          "privilegesRequired": "NONE",
-          "userInteraction": "NONE",
-          "scope": "UNCHANGED",
-          "confidentialityImpact": "HIGH",
-          "integrityImpact": "HIGH",
-          "availabilityImpact": "HIGH",
-          "baseScore": 9.8,
-          "baseSeverity": "CRITICAL"
-        },
-        "exploitabilityScore": 3.9,
-        "impactScore": 5.9
-      },
-      {
-        "source": "cna@cyber.gov.il",
-        "type": "Secondary",
-        "cvssData": {
-          "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
-          "attackVector": "NETWORK",
-          "attackComplexity": "HIGH",
-          "privilegesRequired": "NONE",
-          "userInteraction": "NONE",
-          "scope": "UNCHANGED",
-          "confidentialityImpact": "HIGH",
-          "integrityImpact": "HIGH",
-          "availabilityImpact": "NONE",
-          "baseScore": 7.4,
-          "baseSeverity": "HIGH"
-        },
-        "exploitabilityScore": 2.2,
-        "impactScore": 5.2
-      }
-    ]
-  },
-  "weaknesses": [
-    {
-      "source": "cna@cyber.gov.il",
-      "type": "Primary",
-      "description": [
-        {
-          "lang": "en",
-          "value": "CWE-284"
-        }
-      ]
-    }
-  ],
-  "configurations": [
-    {
-      "nodes": [
-        {
-          "operator": "OR",
-          "negate": false,
-          "cpeMatch": [
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:a:hargal:hargal_windows_client:*:*:*:*:*:*:*:*",
-              "versionEndExcluding": "2401",
-              "matchCriteriaId": "A2818922-CA03-4F0E-ABBF-EAB0988A328B"
-            }
-          ]
-        }
-      ]
-    }
-  ],
-  "references": [
-    {
-      "url": "https://www.gov.il/en/Departments/faq/cve_advisories",
-      "source": "cna@cyber.gov.il",
-      "tags": [
-        "Third Party Advisory"
-      ]
-    }
-  ]
+  "metrics": {},
+  "references": []
 }

CVE-2024/CVE-2024-423xx/CVE-2024-42341.json

@@ -0,0 +1,56 @@
+{
+  "id": "CVE-2024-42341",
+  "sourceIdentifier": "cna@cyber.gov.il",
+  "published": "2024-09-08T12:15:10.427",
+  "lastModified": "2024-09-08T12:15:10.427",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Loway - CWE-601: URL Redirection to Untrusted Site ('Open Redirect')"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@cyber.gov.il",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 6.1,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@cyber.gov.il",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-601"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.gov.il/en/Departments/faq/cve_advisories",
+      "source": "cna@cyber.gov.il"
+    }
+  ]
+}

CVE-2024/CVE-2024-423xx/CVE-2024-42342.json

@@ -0,0 +1,56 @@
+{
+  "id": "CVE-2024-42342",
+  "sourceIdentifier": "cna@cyber.gov.il",
+  "published": "2024-09-08T12:15:10.663",
+  "lastModified": "2024-09-08T12:15:10.663",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Loway -  CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@cyber.gov.il",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@cyber.gov.il",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-444"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.gov.il/en/Departments/faq/cve_advisories",
+      "source": "cna@cyber.gov.il"
+    }
+  ]
+}

CVE-2024/CVE-2024-423xx/CVE-2024-42343.json

@@ -0,0 +1,56 @@
+{
+  "id": "CVE-2024-42343",
+  "sourceIdentifier": "cna@cyber.gov.il",
+  "published": "2024-09-08T12:15:10.890",
+  "lastModified": "2024-09-08T12:15:10.890",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Loway - CWE-204: Observable Response Discrepancy"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@cyber.gov.il",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@cyber.gov.il",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-204"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.gov.il/en/Departments/faq/cve_advisories",
+      "source": "cna@cyber.gov.il"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-09-08T12:00:17.248194+00:00
+2024-09-08T14:00:17.074471+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-09-08T11:15:10.430000+00:00
+2024-09-08T12:15:10.890000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,21 +33,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-262179
+262182
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `2`
+Recently added CVEs: `3`
 
-- [CVE-2024-8573](CVE-2024/CVE-2024-85xx/CVE-2024-8573.json) (`2024-09-08T10:15:01.907`)
-- [CVE-2024-8574](CVE-2024/CVE-2024-85xx/CVE-2024-8574.json) (`2024-09-08T11:15:10.430`)
+- [CVE-2024-42341](CVE-2024/CVE-2024-423xx/CVE-2024-42341.json) (`2024-09-08T12:15:10.427`)
+- [CVE-2024-42342](CVE-2024/CVE-2024-423xx/CVE-2024-42342.json) (`2024-09-08T12:15:10.663`)
+- [CVE-2024-42343](CVE-2024/CVE-2024-423xx/CVE-2024-42343.json) (`2024-09-08T12:15:10.890`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `0`
+Recently modified CVEs: `1`
 
+- [CVE-2024-42334](CVE-2024/CVE-2024-423xx/CVE-2024-42334.json) (`2024-09-08T12:15:09.880`)
 
 
 ## Download and Usage

_state.csv

@@ -257993,7 +257993,7 @@ CVE-2024-42320,0,0,3bb9745120c3e683aefbafbca3ae9140002adac221663a12333f744da45f1
 CVE-2024-42321,0,0,1716db5db6c984bf2ebbd691b80440a9181fa253c6bc8c5d00954d830484e312,2024-08-19T12:59:59.177000
 CVE-2024-42322,0,0,2accb2a45b605eba549de2a0c83236102f9dab689f1b61dc800f0c45a0f92db4,2024-08-19T12:59:59.177000
 CVE-2024-4233,0,0,e3336c43dd885f8db6271cd8e49f7796169d1b724e733d53d39e8dcd56cab238,2024-05-08T17:05:24.083000
-CVE-2024-42334,0,0,63554eb6ad9440efa3ee44750a635a89b93444804b44759a759c86799c0d08da,2024-08-21T15:59:56.493000
+CVE-2024-42334,0,1,bde83a8b3e1fda08d590302dc4b567a00367ef315528bceb61555d7d23e4876c,2024-09-08T12:15:09.880000
 CVE-2024-42335,0,0,2b9b97973dd654c6eb68cc221bad7788b92938b457385b73625ca969f07db996,2024-08-21T13:49:19.863000
 CVE-2024-42336,0,0,74e57bfa6ceb0764665eac825d78f0a67cb52357a0fbd794d7fcb504d5103724,2024-08-27T14:59:38.100000
 CVE-2024-42337,0,0,76aed1566fc52b0e12514551ebbf6ae5c8fcd5dc1022f916f44ed893b78ec187,2024-08-30T19:47:49.993000
@@ -258001,6 +258001,9 @@ CVE-2024-42338,0,0,1c166daf89824e931f66e0595fb5e5754e965336c9788e410016199689669
 CVE-2024-42339,0,0,0f64f5dc7b4d98f934a7a3631edfea2fcfdfd750cae95143817c35e5cf790c70,2024-08-30T19:47:13.743000
 CVE-2024-4234,0,0,18c98986f4d0c323ca7a76881b57d07f11d740fced15b647da44016411c790ed,2024-04-26T15:32:22.523000
 CVE-2024-42340,0,0,708aac03ef44aeea471e9a045b752e905888f9d429c0c9806a766c67411a6e38,2024-08-30T19:47:36
+CVE-2024-42341,1,1,7027bef93dfed93ec135140e6e2a911166114baf146d87f15ff43c72ee02d63d,2024-09-08T12:15:10.427000
+CVE-2024-42342,1,1,e49b1c9360a5a913c93778ed2b054958b429663dd126895a65625749f7519d33,2024-09-08T12:15:10.663000
+CVE-2024-42343,1,1,31370171aa70e0a20597cb1895579d203c4c22926cb47eb327d29ca625f8d363,2024-09-08T12:15:10.890000
 CVE-2024-42347,0,0,9d56c3d6f460e2251d08d50a3e874b7efeb364cadb050367418d1be0b31e15cb,2024-08-12T18:52:08.163000
 CVE-2024-42348,0,0,9049ba06c12fadbe924de4e1d7650091813be7f3a3306b9434f7ebd8620eed32,2024-08-05T12:41:45.957000
 CVE-2024-42349,0,0,7c83a1a3a31095b7c061367c56e1e2185d3951ede9de2f7c2b93de97074131bc,2024-08-05T12:41:45.957000
@@ -262176,5 +262179,5 @@ CVE-2024-8569,0,0,cddbad41d115b0e24f21900215e9a8424d8cd4b102bb78b99cdec197572a52
 CVE-2024-8570,0,0,81f0759069b3ea9299d0bb8ce9d4e5d6ff5dc8250f74bf869cce93ec5dcff888,2024-09-08T07:15:01.977000
 CVE-2024-8571,0,0,4b0212832637fc09d08559fac9a5f7c29a912232f1c3f5c1babf41ce57464ae5,2024-09-08T08:15:13.157000
 CVE-2024-8572,0,0,cce7dc5e1ed269ccfa18ad3557ca30ca7a8ba65c362c5f22fb757edf0c4a1bae,2024-09-08T08:15:13.443000
-CVE-2024-8573,1,1,484e635dac50c7757dda7d82f3d424cde0770e935ae4d60ef3414a006860e4c3,2024-09-08T10:15:01.907000
-CVE-2024-8574,1,1,3feb7a09243a69f64c60218b17af890368ca0b5b4cf798662e02c55f39739523,2024-09-08T11:15:10.430000
+CVE-2024-8573,0,0,484e635dac50c7757dda7d82f3d424cde0770e935ae4d60ef3414a006860e4c3,2024-09-08T10:15:01.907000
+CVE-2024-8574,0,0,3feb7a09243a69f64c60218b17af890368ca0b5b4cf798662e02c55f39739523,2024-09-08T11:15:10.430000