Auto-Update: 2024-05-28T12:00:36.345358+00:00

CVE-2021/CVE-2021-267xx/CVE-2021-26724.json

@@ -2,8 +2,8 @@
   "id": "CVE-2021-26724",
   "sourceIdentifier": "prodsec@nozominetworks.com",
   "published": "2021-02-22T21:15:19.787",
-  "lastModified": "2021-02-26T17:38:17.390",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2024-05-28T11:15:08.693",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",

CVE-2021/CVE-2021-267xx/CVE-2021-26725.json

@@ -2,8 +2,8 @@
   "id": "CVE-2021-26725",
   "sourceIdentifier": "prodsec@nozominetworks.com",
   "published": "2021-02-22T21:15:19.913",
-  "lastModified": "2021-02-26T16:53:28.437",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2024-05-28T11:15:09.643",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",

CVE-2022/CVE-2022-05xx/CVE-2022-0550.json

@@ -2,8 +2,8 @@
   "id": "CVE-2022-0550",
   "sourceIdentifier": "prodsec@nozominetworks.com",
   "published": "2022-03-24T15:15:07.853",
-  "lastModified": "2022-03-30T20:11:59.387",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2024-05-28T11:15:09.800",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",

CVE-2022/CVE-2022-05xx/CVE-2022-0551.json

@@ -2,8 +2,8 @@
   "id": "CVE-2022-0551",
   "sourceIdentifier": "prodsec@nozominetworks.com",
   "published": "2022-03-24T15:15:07.917",
-  "lastModified": "2022-03-30T18:11:32.967",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2024-05-28T11:15:09.963",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",

CVE-2022/CVE-2022-25xx/CVE-2022-2513.json

@@ -2,12 +2,12 @@
   "id": "CVE-2022-2513",
   "sourceIdentifier": "cybersecurity@hitachienergy.com",
   "published": "2022-11-22T11:15:29.027",
-  "lastModified": "2023-11-07T03:46:37.853",
+  "lastModified": "2024-05-28T11:15:10.083",
   "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
-      "value": "A vulnerability exists in the Intelligent Electronic Device (IED) Connectivity Package (ConnPack) credential storage function in Hitachi Energy\u2019s PCM600 product included in the versions listed below, where IEDs credentials are stored in a cleartext format in the PCM600 database. An attacker who manages to get access to the exported backup file can exploit the vulnerability and obtain credentials of the IEDs. The credentials may be used to perform unauthorized modifications such as\u00a0loading incorrect configurations, reboot the IEDs or cause a denial-of-service on the IEDs.\n\n"
+      "value": "A vulnerability exists in the Intelligent Electronic Device (IED) Connectivity Package (ConnPack) credential storage function in Hitachi Energy\u2019s PCM600 product included in the versions listed below, where IEDs credentials are stored in a cleartext format in the PCM600 database and logs files. An attacker having get access to the exported backup file can exploit the vulnerability and obtain user credentials of the IEDs. Additionally, an attacker with administrator access to the PCM600 host machine can obtain other user credentials by analyzing database log files. The credentials may be used to perform unauthorized modifications such as loading incorrect configurations, reboot the IEDs or cause a denial-of-service on the IEDs."
     },
     {
       "lang": "es",
@@ -200,11 +200,8 @@
   ],
   "references": [
     {
-      "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000120&LanguageCode=en&DocumentPartId=&Action=Launch",
-      "source": "cybersecurity@hitachienergy.com",
-      "tags": [
-        "Vendor Advisory"
-      ]
+      "url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000120&LanguageCode=en&DocumentPartId=&Action=Launch",
+      "source": "cybersecurity@hitachienergy.com"
     }
   ]
 }

CVE-2024/CVE-2024-54xx/CVE-2024-5410.json

@@ -0,0 +1,32 @@
+{
+  "id": "CVE-2024-5410",
+  "sourceIdentifier": "office@cyberdanube.com",
+  "published": "2024-05-28T11:15:10.327",
+  "lastModified": "2024-05-28T11:15:10.327",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and below."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "office@cyberdanube.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://cyberdanube.com/en/en-multiple-vulnerabilities-in-oring-iap420/",
+      "source": "office@cyberdanube.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-54xx/CVE-2024-5411.json

@@ -0,0 +1,32 @@
+{
+  "id": "CVE-2024-5411",
+  "sourceIdentifier": "office@cyberdanube.com",
+  "published": "2024-05-28T11:15:10.520",
+  "lastModified": "2024-05-28T11:15:10.520",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Missing input validation and OS command integration of the input in the ORing IAP-420 web-interface allows authenticated command injection.This issue affects IAP-420 version 2.01e and below."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "office@cyberdanube.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-77"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://cyberdanube.com/en/en-multiple-vulnerabilities-in-oring-iap420/",
+      "source": "office@cyberdanube.com"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-05-28T10:01:22.180461+00:00
+2024-05-28T12:00:36.345358+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-05-28T07:15:10.810000+00:00
+2024-05-28T11:15:10.520000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,20 +33,26 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-251895
+251897
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `0`
+Recently added CVEs: `2`
 
+- [CVE-2024-5410](CVE-2024/CVE-2024-54xx/CVE-2024-5410.json) (`2024-05-28T11:15:10.327`)
+- [CVE-2024-5411](CVE-2024/CVE-2024-54xx/CVE-2024-5411.json) (`2024-05-28T11:15:10.520`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `1`
+Recently modified CVEs: `5`
 
-- [CVE-2023-52712](CVE-2023/CVE-2023-527xx/CVE-2023-52712.json) (`2024-05-28T07:15:10.810`)
+- [CVE-2021-26724](CVE-2021/CVE-2021-267xx/CVE-2021-26724.json) (`2024-05-28T11:15:08.693`)
+- [CVE-2021-26725](CVE-2021/CVE-2021-267xx/CVE-2021-26725.json) (`2024-05-28T11:15:09.643`)
+- [CVE-2022-0550](CVE-2022/CVE-2022-05xx/CVE-2022-0550.json) (`2024-05-28T11:15:09.800`)
+- [CVE-2022-0551](CVE-2022/CVE-2022-05xx/CVE-2022-0551.json) (`2024-05-28T11:15:09.963`)
+- [CVE-2022-2513](CVE-2022/CVE-2022-25xx/CVE-2022-2513.json) (`2024-05-28T11:15:10.083`)
 
 
 ## Download and Usage

_state.csv

@@ -171939,8 +171939,8 @@ CVE-2021-26719,0,0,1e9fd5bbe480fe7e9c29fbe149d292d1d28568f900d8832990c75fb4b5480
 CVE-2021-26720,0,0,7770fcd2e5df4f630cc106bb49c6d9d532fa4ae33d60030aea8c60917864c798,2022-12-06T21:52:34.143000
 CVE-2021-26722,0,0,d79b41a6a5c3714bf70cbda16c27ed400fe19660527364d0aca8261d143ad501,2021-02-08T20:54:50.683000
 CVE-2021-26723,0,0,8120250154f6b94191b9eb6f711a63671d141a669e262dd36a566c63a6be7c2a,2021-03-04T21:45:31.387000
-CVE-2021-26724,0,0,bcf164a1cf908096cb1ae77342427a4a941525d31f27a1862b8bf7768167b6c5,2021-02-26T17:38:17.390000
-CVE-2021-26725,0,0,b7fab4b54c6228d3f0f70093a5fe847d002adbbde0e8d9d3ad3559612d731900,2021-02-26T16:53:28.437000
+CVE-2021-26724,0,1,85f4083e4521c58c0883d49a7da69ee7dc8da02cce7ba337755b4fafa26ca113,2024-05-28T11:15:08.693000
+CVE-2021-26725,0,1,995695f53f78bd39c57006b90efe7a4567c57398c2718381ad4f770f7d797c02,2024-05-28T11:15:09.643000
 CVE-2021-26726,0,0,1c26de47fcdf1259d669cccfaf074805e72f60820eb2977327e14c6d88e7853a,2023-06-30T21:23:46.500000
 CVE-2021-26727,0,0,5d46cbf752800de7f37c7db4ba1107d68146897d5c75590056eb79054519cfe8,2022-12-03T15:04:22.783000
 CVE-2021-26728,0,0,38da6409219d7c5f53eb3e50ab7f896d6dcf1b43a8c16d034213ba9f9e5a6045,2022-12-03T15:08:15.163000
@@ -187836,8 +187836,8 @@ CVE-2022-0545,0,0,339c7782887e0a4967aefae6c0b2af4125f3a9f1569b40dba3a5e5f2d6b325
 CVE-2022-0546,0,0,468c003085cbea9c3cf8d5a8eebf598517a73a9cd1bbd65b6420bb9c43b85eef,2023-11-07T03:41:22.280000
 CVE-2022-0547,0,0,42e8d2a1de4c9d4e15f9358bfa21e70f54238e5cba8379e0079aebd46a1e7bfa,2023-11-07T03:41:22.420000
 CVE-2022-0549,0,0,f33bb35962e62c2b7266a1a981c6369f66be0242501f9a5d743913ade1940756,2022-04-04T19:20:43.360000
-CVE-2022-0550,0,0,9637d15ba75f2a31cd8bc1f7f9a4a620c3a0f65e17399f0853d4eb5439d2d6e0,2022-03-30T20:11:59.387000
-CVE-2022-0551,0,0,674ad4ae86e192924ee36ca11a67319a3326bbb1ae68a6c5bae795fee23dc15e,2022-03-30T18:11:32.967000
+CVE-2022-0550,0,1,b2d133ed67db1f754c6727ecc4a7170fac0ae7ba834c56e846a9c7667294a97b,2024-05-28T11:15:09.800000
+CVE-2022-0551,0,1,e08f293b37e5f46391e4160f101b09ea5cff3fcbd38854b7db6f22155314b8fb,2024-05-28T11:15:09.963000
 CVE-2022-0552,0,0,a3069e6a15248853b7dddc1f1ff07a24f38a97fb381cb5305a8cbb8b63666717,2023-02-12T22:15:20.927000
 CVE-2022-0553,0,0,55817ed9980527bf2084443781acf52b0b4e8ea97ad2c0ecd38394d896b038ca,2023-07-21T17:13:15.200000
 CVE-2022-0554,0,0,206c02c2c048e081bd0cc1e097927865a34adb033310eeaa2a52fce943c03409,2023-11-07T03:41:22.640000
@@ -193969,7 +193969,7 @@ CVE-2022-25114,0,0,569b98d2f3ead98ae4c0f63712d756cba76f221cc94e0e9d6e320e152da60
 CVE-2022-25115,0,0,7128092716fb83c2ee1524db8bf07c7ba00c1d11835519cba991264600f6988f,2022-03-14T14:27:57.100000
 CVE-2022-2512,0,0,aa921db488ffaf9b151732c40e1ef17ca7233508a62ca084b2121c3b0b0de154,2023-08-08T14:22:24.967000
 CVE-2022-25125,0,0,9b38f0f392b398086dcde9c52f9c99389df6d2b6803935277d77083ee060a6e5,2022-03-09T19:59:23.193000
-CVE-2022-2513,0,0,999ea2013c467554b51f78ddf05dc5e7580f6e1ef1c54ef1a12217f254675f3f,2023-11-07T03:46:37.853000
+CVE-2022-2513,0,1,0703ec7e629db87bffc2dcb3a62ecd4e89d786ed213ae3ef73d9e60838031405,2024-05-28T11:15:10.083000
 CVE-2022-25130,0,0,422bfec62c1c5d4af41d66b3027f3b720a2329db707a2356e5a9b58ac949c02b,2022-02-28T16:29:07.723000
 CVE-2022-25131,0,0,8eafccd105262ccfa8c0afb4e7b24f32a6bb93b01c646aefe802c69133278ccf,2022-02-28T16:29:37.367000
 CVE-2022-25132,0,0,4c4e136f3db2fdcde038b36aef280a0df83e8dafaaefff6ae5e1a6cef857092a,2022-02-28T16:30:33.417000
@@ -238221,7 +238221,7 @@ CVE-2023-52708,0,0,0cf5531d52b4f0e27229e5431a6641f8a33b6ad189d69b571295e2268c746
 CVE-2023-5271,0,0,70cb4211a176d5dd405f00e1f8e768679b692805db27818df2a991a5138e8644,2024-05-17T02:32:57.007000
 CVE-2023-52710,0,0,8a3c1e11cbcd981449050bf88ec435d64257bb18299910d13d5087402394db72,2024-05-28T07:15:10.100000
 CVE-2023-52711,0,0,a6173461c367b71f9d7e53676fb7b1941cfab6c45c6e42917aec09975a7c9459,2024-05-28T07:15:10.490000
-CVE-2023-52712,0,1,e1cfcfd73186506ed670a7b16c04e6084df9aca0eec978bc182ace8af93c1146,2024-05-28T07:15:10.810000
+CVE-2023-52712,0,0,e1cfcfd73186506ed670a7b16c04e6084df9aca0eec978bc182ace8af93c1146,2024-05-28T07:15:10.810000
 CVE-2023-52713,0,0,a82d0be4af03c7dceedf68675e47448344d098e5d4aaf1d8c272ce3767fe9c32,2024-04-08T18:48:40.217000
 CVE-2023-52714,0,0,991cd44d006c1b2366208e786d7d4a500460a04aecbaa12bc932d9b06456d878,2024-04-08T18:48:40.217000
 CVE-2023-52715,0,0,820cbdfbd6db2c6b83279badddd26d2af4801521939e0773de26b1e63304abe5,2024-04-08T18:48:40.217000
@@ -251894,3 +251894,5 @@ CVE-2024-5406,0,0,8388cdb5206a2260ff3ef4be55e5195b9526275a7722f69924ed74fee613c5
 CVE-2024-5407,0,0,f6f018cb73591d5951317cf6cb9418428e5bc3ae925c84689b3ce2d5c483f30a,2024-05-27T13:15:08.573000
 CVE-2024-5408,0,0,219da37207b714ce9e3524b5c58f50d48db58bc623cbb609140a8131f93b7a65,2024-05-27T13:15:08.817000
 CVE-2024-5409,0,0,dc5f7da4fafab5ffa6fcbfdf146c0d675a15daf5a8580fc3a389221d5de44817,2024-05-27T13:15:09.040000
+CVE-2024-5410,1,1,8dbef14cb2d2bce4341c8be896e74784a769a76a67954105459a537d17e7a362,2024-05-28T11:15:10.327000
+CVE-2024-5411,1,1,afeac69bc9fcbfde2c9173f7c4fe2c1a0ddcac8e59f0d2ed87b90ab156ce7826,2024-05-28T11:15:10.520000