From 6897a94367b742962f8cbe81f067a5880e207584 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 18 Dec 2023 21:00:28 +0000 Subject: [PATCH] Auto-Update: 2023-12-18T21:00:25.275519+00:00 --- CVE-2023/CVE-2023-217xx/CVE-2023-21751.json | 48 ++- CVE-2023/CVE-2023-256xx/CVE-2023-25642.json | 99 ++++- CVE-2023/CVE-2023-256xx/CVE-2023-25643.json | 99 ++++- CVE-2023/CVE-2023-256xx/CVE-2023-25644.json | 99 ++++- CVE-2023/CVE-2023-315xx/CVE-2023-31546.json | 68 +++- CVE-2023/CVE-2023-340xx/CVE-2023-34064.json | 69 +++- CVE-2023/CVE-2023-406xx/CVE-2023-40627.json | 67 +++- CVE-2023/CVE-2023-406xx/CVE-2023-40628.json | 67 +++- CVE-2023/CVE-2023-409xx/CVE-2023-40921.json | 70 +++- CVE-2023/CVE-2023-416xx/CVE-2023-41621.json | 68 +++- CVE-2023/CVE-2023-424xx/CVE-2023-42495.json | 52 ++- CVE-2023/CVE-2023-435xx/CVE-2023-43586.json | 86 ++++- CVE-2023/CVE-2023-43xx/CVE-2023-4311.json | 20 + CVE-2023/CVE-2023-451xx/CVE-2023-45182.json | 64 +++- CVE-2023/CVE-2023-451xx/CVE-2023-45185.json | 76 +++- CVE-2023/CVE-2023-463xx/CVE-2023-46348.json | 69 +++- CVE-2023/CVE-2023-467xx/CVE-2023-46750.json | 71 +++- CVE-2023/CVE-2023-46xx/CVE-2023-4694.json | 388 +++++++++++++++++++- CVE-2023/CVE-2023-473xx/CVE-2023-47324.json | 79 +++- CVE-2023/CVE-2023-473xx/CVE-2023-47325.json | 74 +++- CVE-2023/CVE-2023-473xx/CVE-2023-47326.json | 74 +++- CVE-2023/CVE-2023-477xx/CVE-2023-47741.json | 47 +++ CVE-2023/CVE-2023-47xx/CVE-2023-4724.json | 20 + CVE-2023/CVE-2023-484xx/CVE-2023-48444.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48445.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48446.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48447.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48448.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48449.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48450.json | 54 ++- CVE-2023/CVE-2023-484xx/CVE-2023-48451.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48452.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48453.json | 44 ++- CVE-2023/CVE-2023-484xx/CVE-2023-48454.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48455.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48456.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48457.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48458.json | 54 ++- CVE-2023/CVE-2023-484xx/CVE-2023-48459.json | 44 ++- CVE-2023/CVE-2023-484xx/CVE-2023-48460.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48461.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48462.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48463.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48464.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48465.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48466.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48467.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48468.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48469.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48470.json | 54 ++- CVE-2023/CVE-2023-484xx/CVE-2023-48471.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48472.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48473.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48474.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48475.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48476.json | 54 ++- CVE-2023/CVE-2023-484xx/CVE-2023-48477.json | 44 ++- CVE-2023/CVE-2023-484xx/CVE-2023-48478.json | 44 ++- CVE-2023/CVE-2023-484xx/CVE-2023-48479.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48480.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48481.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48482.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48483.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48484.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48485.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48486.json | 54 ++- CVE-2023/CVE-2023-484xx/CVE-2023-48487.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48488.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48489.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48490.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48491.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48492.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48493.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48494.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48495.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48496.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48497.json | 64 +++- CVE-2023/CVE-2023-484xx/CVE-2023-48498.json | 34 +- CVE-2023/CVE-2023-484xx/CVE-2023-48499.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48500.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48501.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48502.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48503.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48504.json | 44 ++- CVE-2023/CVE-2023-485xx/CVE-2023-48505.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48506.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48507.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48508.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48509.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48510.json | 54 ++- CVE-2023/CVE-2023-485xx/CVE-2023-48511.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48512.json | 44 ++- CVE-2023/CVE-2023-485xx/CVE-2023-48513.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48514.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48515.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48516.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48517.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48518.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48519.json | 54 ++- CVE-2023/CVE-2023-485xx/CVE-2023-48520.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48521.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48522.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48523.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48524.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48525.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48526.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48527.json | 44 ++- CVE-2023/CVE-2023-485xx/CVE-2023-48528.json | 54 ++- CVE-2023/CVE-2023-485xx/CVE-2023-48529.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48530.json | 44 ++- CVE-2023/CVE-2023-485xx/CVE-2023-48531.json | 54 ++- CVE-2023/CVE-2023-485xx/CVE-2023-48532.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48533.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48534.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48535.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48536.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48537.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48538.json | 44 ++- CVE-2023/CVE-2023-485xx/CVE-2023-48539.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48540.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48541.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48542.json | 54 ++- CVE-2023/CVE-2023-485xx/CVE-2023-48543.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48544.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48545.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48546.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48547.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48548.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48549.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48550.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48551.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48552.json | 44 ++- CVE-2023/CVE-2023-485xx/CVE-2023-48553.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48554.json | 54 ++- CVE-2023/CVE-2023-485xx/CVE-2023-48555.json | 34 +- CVE-2023/CVE-2023-485xx/CVE-2023-48556.json | 34 +- CVE-2023/CVE-2023-486xx/CVE-2023-48631.json | 65 +++- CVE-2023/CVE-2023-487xx/CVE-2023-48702.json | 63 +++- CVE-2023/CVE-2023-487xx/CVE-2023-48756.json | 51 ++- CVE-2023/CVE-2023-487xx/CVE-2023-48767.json | 61 ++- CVE-2023/CVE-2023-487xx/CVE-2023-48795.json | 12 +- CVE-2023/CVE-2023-489xx/CVE-2023-48925.json | 69 +++- CVE-2023/CVE-2023-491xx/CVE-2023-49171.json | 51 ++- CVE-2023/CVE-2023-491xx/CVE-2023-49172.json | 51 ++- CVE-2023/CVE-2023-491xx/CVE-2023-49173.json | 51 ++- CVE-2023/CVE-2023-491xx/CVE-2023-49195.json | 51 ++- CVE-2023/CVE-2023-495xx/CVE-2023-49581.json | 79 +++- CVE-2023/CVE-2023-497xx/CVE-2023-49766.json | 51 ++- CVE-2023/CVE-2023-497xx/CVE-2023-49771.json | 51 ++- CVE-2023/CVE-2023-498xx/CVE-2023-49813.json | 51 ++- CVE-2023/CVE-2023-498xx/CVE-2023-49820.json | 51 ++- CVE-2023/CVE-2023-498xx/CVE-2023-49827.json | 51 ++- CVE-2023/CVE-2023-498xx/CVE-2023-49828.json | 61 ++- CVE-2023/CVE-2023-498xx/CVE-2023-49833.json | 51 ++- CVE-2023/CVE-2023-498xx/CVE-2023-49841.json | 51 ++- CVE-2023/CVE-2023-500xx/CVE-2023-50073.json | 67 +++- CVE-2023/CVE-2023-502xx/CVE-2023-50248.json | 64 +++- CVE-2023/CVE-2023-503xx/CVE-2023-50370.json | 51 ++- CVE-2023/CVE-2023-503xx/CVE-2023-50371.json | 51 ++- CVE-2023/CVE-2023-505xx/CVE-2023-50563.json | 67 +++- CVE-2023/CVE-2023-505xx/CVE-2023-50564.json | 67 +++- CVE-2023/CVE-2023-505xx/CVE-2023-50565.json | 67 +++- CVE-2023/CVE-2023-507xx/CVE-2023-50775.json | 73 +++- CVE-2023/CVE-2023-507xx/CVE-2023-50776.json | 73 +++- CVE-2023/CVE-2023-507xx/CVE-2023-50777.json | 73 +++- CVE-2023/CVE-2023-507xx/CVE-2023-50778.json | 73 +++- CVE-2023/CVE-2023-507xx/CVE-2023-50779.json | 73 +++- CVE-2023/CVE-2023-50xx/CVE-2023-5005.json | 20 + CVE-2023/CVE-2023-513xx/CVE-2023-51384.json | 24 ++ CVE-2023/CVE-2023-513xx/CVE-2023-51385.json | 24 ++ CVE-2023/CVE-2023-53xx/CVE-2023-5348.json | 20 + CVE-2023/CVE-2023-55xx/CVE-2023-5536.json | 75 +++- CVE-2023/CVE-2023-57xx/CVE-2023-5769.json | 331 ++++++++++++++++- CVE-2023/CVE-2023-58xx/CVE-2023-5882.json | 20 + CVE-2023/CVE-2023-58xx/CVE-2023-5886.json | 20 + CVE-2023/CVE-2023-59xx/CVE-2023-5949.json | 20 + CVE-2023/CVE-2023-60xx/CVE-2023-6065.json | 24 ++ CVE-2023/CVE-2023-60xx/CVE-2023-6077.json | 20 + CVE-2023/CVE-2023-62xx/CVE-2023-6203.json | 20 + CVE-2023/CVE-2023-62xx/CVE-2023-6222.json | 24 ++ CVE-2023/CVE-2023-62xx/CVE-2023-6272.json | 20 + CVE-2023/CVE-2023-62xx/CVE-2023-6289.json | 20 + CVE-2023/CVE-2023-62xx/CVE-2023-6295.json | 20 + CVE-2023/CVE-2023-63xx/CVE-2023-6381.json | 58 ++- CVE-2023/CVE-2023-64xx/CVE-2023-6407.json | 93 ++++- CVE-2023/CVE-2023-65xx/CVE-2023-6542.json | 62 +++- CVE-2023/CVE-2023-65xx/CVE-2023-6569.json | 64 +++- CVE-2023/CVE-2023-65xx/CVE-2023-6570.json | 52 ++- CVE-2023/CVE-2023-65xx/CVE-2023-6571.json | 52 ++- CVE-2023/CVE-2023-66xx/CVE-2023-6691.json | 4 +- CVE-2023/CVE-2023-67xx/CVE-2023-6765.json | 64 +++- CVE-2023/CVE-2023-67xx/CVE-2023-6766.json | 64 +++- CVE-2023/CVE-2023-67xx/CVE-2023-6767.json | 58 ++- README.md | 82 +++-- 194 files changed, 8629 insertions(+), 613 deletions(-) create mode 100644 CVE-2023/CVE-2023-43xx/CVE-2023-4311.json create mode 100644 CVE-2023/CVE-2023-477xx/CVE-2023-47741.json create mode 100644 CVE-2023/CVE-2023-47xx/CVE-2023-4724.json create mode 100644 CVE-2023/CVE-2023-50xx/CVE-2023-5005.json create mode 100644 CVE-2023/CVE-2023-513xx/CVE-2023-51384.json create mode 100644 CVE-2023/CVE-2023-513xx/CVE-2023-51385.json create mode 100644 CVE-2023/CVE-2023-53xx/CVE-2023-5348.json create mode 100644 CVE-2023/CVE-2023-58xx/CVE-2023-5882.json create mode 100644 CVE-2023/CVE-2023-58xx/CVE-2023-5886.json create mode 100644 CVE-2023/CVE-2023-59xx/CVE-2023-5949.json create mode 100644 CVE-2023/CVE-2023-60xx/CVE-2023-6065.json create mode 100644 CVE-2023/CVE-2023-60xx/CVE-2023-6077.json create mode 100644 CVE-2023/CVE-2023-62xx/CVE-2023-6203.json create mode 100644 CVE-2023/CVE-2023-62xx/CVE-2023-6222.json create mode 100644 CVE-2023/CVE-2023-62xx/CVE-2023-6272.json create mode 100644 CVE-2023/CVE-2023-62xx/CVE-2023-6289.json create mode 100644 CVE-2023/CVE-2023-62xx/CVE-2023-6295.json diff --git a/CVE-2023/CVE-2023-217xx/CVE-2023-21751.json b/CVE-2023/CVE-2023-217xx/CVE-2023-21751.json index 7532f637fec..35e9c017714 100644 --- a/CVE-2023/CVE-2023-217xx/CVE-2023-21751.json +++ b/CVE-2023/CVE-2023-217xx/CVE-2023-21751.json @@ -2,12 +2,16 @@ "id": "CVE-2023-21751", "sourceIdentifier": "secure@microsoft.com", "published": "2023-12-14T00:15:42.863", - "lastModified": "2023-12-14T13:52:16.903", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:26:39.483", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Azure DevOps Server Spoofing Vulnerability" + }, + { + "lang": "es", + "value": "Vulnerabilidad de suplantaci\u00f3n de identidad del servidor Azure DevOps" } ], "metrics": { @@ -34,10 +38,48 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:azure_devops_server:2020.1.2:-:*:*:*:*:*:*", + "matchCriteriaId": "A8F7E9F3-B3DC-4161-AA99-DF4E17599868" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:azure_devops_server:2022.1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "1B8B832B-91ED-4283-91EB-DD3D29D58669" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21751", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-256xx/CVE-2023-25642.json b/CVE-2023/CVE-2023-256xx/CVE-2023-25642.json index d5af6bbaeab..7e4fc92ec97 100644 --- a/CVE-2023/CVE-2023-256xx/CVE-2023-25642.json +++ b/CVE-2023/CVE-2023-256xx/CVE-2023-25642.json @@ -2,16 +2,40 @@ "id": "CVE-2023-25642", "sourceIdentifier": "psirt@zte.com.cn", "published": "2023-12-14T08:15:37.717", - "lastModified": "2023-12-14T13:52:06.780", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:09:30.867", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "\nThere is a buffer overflow vulnerability in some ZTE\u00a0mobile internet\u00a0producsts. Due to insufficient validation of tcp port parameter,\u00a0an authenticated attacker could use the vulnerability to perform a denial of service attack.\u00a0\n\n" + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de desbordamiento del b\u00fafer en algunos productos de Internet m\u00f3vil de ZTE. Debido a una validaci\u00f3n insuficiente del par\u00e1metro del puerto tcp, un atacante autenticado podr\u00eda utilizar la vulnerabilidad para realizar un ataque de denegaci\u00f3n de servicio." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "psirt@zte.com.cn", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + }, { "source": "psirt@zte.com.cn", "type": "Secondary", @@ -46,10 +80,69 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zte:mc801a_firmware:mc801a_elisa3_b19:*:*:*:*:*:*:*", + "matchCriteriaId": "26E81BDF-7249-4834-BE1A-F59972F3D4CE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zte:mc801a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DC8126B4-CBCF-4616-886B-E50C089D2F6B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zte:mc801a1_firmware:mc801a1_elisa1_b04:*:*:*:*:*:*:*", + "matchCriteriaId": "5AE44916-2BFF-44C9-B434-DC47473E3E1A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zte:mc801a1:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CE626E17-D246-4A9C-8B2C-08F7760118B8" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1032504", - "source": "psirt@zte.com.cn" + "source": "psirt@zte.com.cn", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-256xx/CVE-2023-25643.json b/CVE-2023/CVE-2023-256xx/CVE-2023-25643.json index 3fb68539a75..11bd3ea7bfb 100644 --- a/CVE-2023/CVE-2023-256xx/CVE-2023-25643.json +++ b/CVE-2023/CVE-2023-256xx/CVE-2023-25643.json @@ -2,16 +2,40 @@ "id": "CVE-2023-25643", "sourceIdentifier": "psirt@zte.com.cn", "published": "2023-12-14T08:15:38.357", - "lastModified": "2023-12-14T13:52:06.780", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:09:13.630", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "\n\n\nThere is a command injection vulnerability in some ZTE mobile internet\u00a0products. Due to insufficient input\u00a0validation of\u00a0multiple network parameters, an authenticated attacker could use the vulnerability to execute arbitrary commands.\n\n\n\n" + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos en algunos productos de internet m\u00f3vil de ZTE. Debido a una validaci\u00f3n de entrada insuficiente de m\u00faltiples par\u00e1metros de red, un atacante autenticado podr\u00eda utilizar la vulnerabilidad para ejecutar comandos arbitrarios." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "psirt@zte.com.cn", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + }, { "source": "psirt@zte.com.cn", "type": "Secondary", @@ -46,10 +80,69 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zte:mc801a_firmware:mc801a_elisa3_b19:*:*:*:*:*:*:*", + "matchCriteriaId": "26E81BDF-7249-4834-BE1A-F59972F3D4CE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zte:mc801a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DC8126B4-CBCF-4616-886B-E50C089D2F6B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zte:mc801a1_firmware:mc801a1_elisa1_b04:*:*:*:*:*:*:*", + "matchCriteriaId": "5AE44916-2BFF-44C9-B434-DC47473E3E1A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zte:mc801a1:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CE626E17-D246-4A9C-8B2C-08F7760118B8" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1032504", - "source": "psirt@zte.com.cn" + "source": "psirt@zte.com.cn", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-256xx/CVE-2023-25644.json b/CVE-2023/CVE-2023-256xx/CVE-2023-25644.json index beb54cf9926..963ea509048 100644 --- a/CVE-2023/CVE-2023-256xx/CVE-2023-25644.json +++ b/CVE-2023/CVE-2023-256xx/CVE-2023-25644.json @@ -2,16 +2,40 @@ "id": "CVE-2023-25644", "sourceIdentifier": "psirt@zte.com.cn", "published": "2023-12-14T08:15:38.997", - "lastModified": "2023-12-14T13:51:59.903", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:08:39.477", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "\nThere is a denial of service vulnerability in some ZTE\u00a0mobile internet products. Due to insufficient validation of Web interface parameter, an attacker could use the vulnerability to perform a denial of service attack.\n\n" + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de denegaci\u00f3n de servicio en algunos productos de Internet m\u00f3vil de ZTE. Debido a una validaci\u00f3n insuficiente del par\u00e1metro de la interfaz web, un atacante podr\u00eda utilizar la vulnerabilidad para realizar un ataque de denegaci\u00f3n de servicio." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "psirt@zte.com.cn", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "psirt@zte.com.cn", "type": "Secondary", @@ -46,10 +80,69 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zte:mc801a_firmware:mc801a_elisa3_b19:*:*:*:*:*:*:*", + "matchCriteriaId": "26E81BDF-7249-4834-BE1A-F59972F3D4CE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zte:mc801a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DC8126B4-CBCF-4616-886B-E50C089D2F6B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zte:mc801a1_firmware:mc801a1_elisa1_b04:*:*:*:*:*:*:*", + "matchCriteriaId": "5AE44916-2BFF-44C9-B434-DC47473E3E1A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zte:mc801a1:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CE626E17-D246-4A9C-8B2C-08F7760118B8" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1032624", - "source": "psirt@zte.com.cn" + "source": "psirt@zte.com.cn", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-315xx/CVE-2023-31546.json b/CVE-2023/CVE-2023-315xx/CVE-2023-31546.json index aeb4921ea57..189f4e2a1e1 100644 --- a/CVE-2023/CVE-2023-315xx/CVE-2023-31546.json +++ b/CVE-2023/CVE-2023-315xx/CVE-2023-31546.json @@ -2,19 +2,79 @@ "id": "CVE-2023-31546", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-14T01:15:07.850", - "lastModified": "2023-12-14T13:52:16.903", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:17:35.037", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross Site Scripting (XSS) vulnerability in DedeBIZ v6.0.3 allows attackers to run arbitrary code via the search feature." + }, + { + "lang": "es", + "value": "La vulnerabilidad de Cross Site Scripting (XSS) en DedeBIZ v6.0.3 permite a los atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de la funci\u00f3n de b\u00fasqueda." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.6, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.8, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dedebiz:dedebiz:6.0.3:*:*:*:*:*:*:*", + "matchCriteriaId": "D44E22EE-1463-42AA-8648-C64C8CF6FDFC" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/ran9ege/CVE-2023-31546/blob/main/CVE-2023-31546.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-340xx/CVE-2023-34064.json b/CVE-2023/CVE-2023-340xx/CVE-2023-34064.json index 9f3f0c9c64c..2688321d6b4 100644 --- a/CVE-2023/CVE-2023-340xx/CVE-2023-34064.json +++ b/CVE-2023/CVE-2023-340xx/CVE-2023-34064.json @@ -2,19 +2,80 @@ "id": "CVE-2023-34064", "sourceIdentifier": "security@vmware.com", "published": "2023-12-12T20:15:06.967", - "lastModified": "2023-12-12T20:20:16.707", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:05:13.560", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Workspace ONE Launcher contains a Privilege Escalation Vulnerability.\u00a0A malicious actor with physical access to Workspace ONE Launcher could utilize the Edge Panel feature to bypass setup to gain access to sensitive information." + }, + { + "lang": "es", + "value": "Workspace ONE Launcher contiene una vulnerabilidad de escalada de privilegios. Un actor malintencionado con acceso f\u00edsico a Workspace ONE Launcher podr\u00eda utilizar la funci\u00f3n Edge Panel para omitir la configuraci\u00f3n y obtener acceso a informaci\u00f3n confidencial." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vmware:workspace_one_launcher:*:*:*:*:*:android:*:*", + "versionStartIncluding": "22.01", + "versionEndExcluding": "23.11", + "matchCriteriaId": "BD3B9BF2-6700-42C8-AA9C-CCF37582A15A" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://www.vmware.com/security/advisories/VMSA-2023-0027.html", - "source": "security@vmware.com" + "source": "security@vmware.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-406xx/CVE-2023-40627.json b/CVE-2023/CVE-2023-406xx/CVE-2023-40627.json index d93542059f2..f20ca135d99 100644 --- a/CVE-2023/CVE-2023-406xx/CVE-2023-40627.json +++ b/CVE-2023/CVE-2023-406xx/CVE-2023-40627.json @@ -2,16 +2,53 @@ "id": "CVE-2023-40627", "sourceIdentifier": "security@joomla.org", "published": "2023-12-14T09:15:41.397", - "lastModified": "2023-12-14T13:51:59.903", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:00:04.487", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A reflected XSS vulnerability was discovered in the LivingWord component for Joomla." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 una vulnerabilidad XSS reflejada en el componente LivingWord para Joomla." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "security@joomla.org", "type": "Secondary", @@ -23,10 +60,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mlwebtechnologies:livingword:*:*:*:*:*:joomla\\!:*:*", + "versionStartIncluding": "1.0.0", + "versionEndIncluding": "3.0.0", + "matchCriteriaId": "BFAFC1BB-47B3-420F-B92D-C83334610B08" + } + ] + } + ] + } + ], "references": [ { "url": "https://extensions.joomla.org/extension/livingword/", - "source": "security@joomla.org" + "source": "security@joomla.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-406xx/CVE-2023-40628.json b/CVE-2023/CVE-2023-406xx/CVE-2023-40628.json index f6be63ebc67..5e273b9e5d8 100644 --- a/CVE-2023/CVE-2023-406xx/CVE-2023-40628.json +++ b/CVE-2023/CVE-2023-406xx/CVE-2023-40628.json @@ -2,16 +2,53 @@ "id": "CVE-2023-40628", "sourceIdentifier": "security@joomla.org", "published": "2023-12-14T09:15:41.480", - "lastModified": "2023-12-14T13:51:59.903", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:00:24.987", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A reflected XSS vulnerability was discovered in the Extplorer component for Joomla." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 una vulnerabilidad XSS reflejada en el componente Extplorer para Joomla." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "security@joomla.org", "type": "Secondary", @@ -23,10 +60,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:extplorer:extplorer:*:*:*:*:*:joomla\\!:*:*", + "versionStartIncluding": "1.0.0", + "versionEndIncluding": "2.1.5", + "matchCriteriaId": "821361B8-F378-4E34-9F6D-55328346714D" + } + ] + } + ] + } + ], "references": [ { "url": "https://extensions.joomla.org/extension/extplorer/", - "source": "security@joomla.org" + "source": "security@joomla.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-409xx/CVE-2023-40921.json b/CVE-2023/CVE-2023-409xx/CVE-2023-40921.json index d31b1e68b3a..108dcd6c939 100644 --- a/CVE-2023/CVE-2023-409xx/CVE-2023-40921.json +++ b/CVE-2023/CVE-2023-409xx/CVE-2023-40921.json @@ -2,19 +2,81 @@ "id": "CVE-2023-40921", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-14T00:15:43.443", - "lastModified": "2023-12-14T13:52:16.903", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:31:35.590", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "SQL Injection vulnerability in functions/point_list.php in Common Services soliberte before v4.3.03 allows attackers to obtain sensitive information via the lat and lng parameters." + }, + { + "lang": "es", + "value": "Vulnerabilidad de inyecci\u00f3n SQL en functions/point_list.php en Common Services soliberte anterior a v4.3.03 permite a atacantes obtener informaci\u00f3n confidencial a trav\u00e9s de los par\u00e1metros lat y lng." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:common-services:soliberte:*:*:*:*:*:prestashop:*:*", + "versionStartIncluding": "4.0.0", + "versionEndExcluding": "4.3.03", + "matchCriteriaId": "8A90C3C0-EECA-4FDE-9B3E-A43EEB16732F" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://security.friendsofpresta.org/modules/2023/12/12/soliberte.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-416xx/CVE-2023-41621.json b/CVE-2023/CVE-2023-416xx/CVE-2023-41621.json index 316172b1a08..175bb8298ac 100644 --- a/CVE-2023/CVE-2023-416xx/CVE-2023-41621.json +++ b/CVE-2023/CVE-2023-416xx/CVE-2023-41621.json @@ -2,19 +2,79 @@ "id": "CVE-2023-41621", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-13T23:15:07.217", - "lastModified": "2023-12-14T13:52:16.903", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:16:30.327", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A Cross Site Scripting (XSS) vulnerability was discovered in Emlog Pro v2.1.14 via the component /admin/store.php." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 una vulnerabilidad de Cross Site Scripting (XSS) en Emlog Pro v2.1.14 a trav\u00e9s del componente /admin/store.php." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:emlog:emlog:2.1.14:*:*:*:pro:*:*:*", + "matchCriteriaId": "3812D57C-8E1A-4499-9DEE-2A18A955667B" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/GhostBalladw/wuhaozhe-s-CVE/blob/main/CVE-2023-41621", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-424xx/CVE-2023-42495.json b/CVE-2023/CVE-2023-424xx/CVE-2023-42495.json index 62ee83944df..5b7f11e5ead 100644 --- a/CVE-2023/CVE-2023-424xx/CVE-2023-42495.json +++ b/CVE-2023/CVE-2023-424xx/CVE-2023-42495.json @@ -2,16 +2,40 @@ "id": "CVE-2023-42495", "sourceIdentifier": "cna@cyber.gov.il", "published": "2023-12-13T13:15:07.450", - "lastModified": "2023-12-13T13:35:16.620", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:57:31.010", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "\nDasan Networks - W-Web versions 1.22-1.27 - CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')\n\n" + }, + { + "lang": "es", + "value": "Dasan Networks - W-Web versiones 1.22-1.27 - CWE-78: Neutralizaci\u00f3n inadecuada de elementos especiales utilizados en un comando del sistema operativo (\"Inyecci\u00f3n de comando del sistema operativo\")" } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@cyber.gov.il", "type": "Secondary", @@ -46,10 +70,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dasannetworks:w-web:*:*:*:*:*:*:*:*", + "versionStartIncluding": "1.22", + "versionEndIncluding": "1.27", + "matchCriteriaId": "37D45D32-5A2C-4A29-98DA-3CC63286DD64" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.gov.il/en/Departments/faq/cve_advisories", - "source": "cna@cyber.gov.il" + "source": "cna@cyber.gov.il", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-435xx/CVE-2023-43586.json b/CVE-2023/CVE-2023-435xx/CVE-2023-43586.json index 4b643fe22e3..ddba7055a81 100644 --- a/CVE-2023/CVE-2023-435xx/CVE-2023-43586.json +++ b/CVE-2023/CVE-2023-435xx/CVE-2023-43586.json @@ -2,16 +2,40 @@ "id": "CVE-2023-43586", "sourceIdentifier": "security@zoom.us", "published": "2023-12-13T23:15:07.660", - "lastModified": "2023-12-14T13:52:16.903", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:20:25.700", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Path traversal in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows may allow an authenticated user to conduct an escalation of privilege via network access." + }, + { + "lang": "es", + "value": "El path traversal en Zoom Desktop Client para Windows, Zoom VDI Client para Windows y Zoom SDK para Windows puede permitir que un usuario autenticado realice una escalada de privilegios a trav\u00e9s del acceso a la red." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "security@zoom.us", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + }, { "source": "security@zoom.us", "type": "Secondary", @@ -46,10 +80,56 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:windows:*:*", + "versionEndExcluding": "5.16.5", + "matchCriteriaId": "B72243E4-AFF7-4A69-934A-1170A6EDAE0F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zoom:video_software_development_kit:*:*:*:*:*:windows:*:*", + "versionEndExcluding": "5.16.5", + "matchCriteriaId": "F58AB464-C80F-4E2B-9F13-BE9B19E3B5BE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zoom:virtual_desktop_infrastructure:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.14.14", + "matchCriteriaId": "D33A3D73-DB80-4376-A9EE-2905A4B0B4B7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zoom:virtual_desktop_infrastructure:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.15.0", + "versionEndExcluding": "5.15.12", + "matchCriteriaId": "33411E35-8D01-42E4-85D6-0FE2C416E697" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:windows:*:*", + "versionEndExcluding": "5.16.5", + "matchCriteriaId": "19B08EB3-7EBF-416F-91B9-4600E47567F7" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zoom.com/en/trust/security-bulletin/ZSB-23059/", - "source": "security@zoom.us" + "source": "security@zoom.us", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-43xx/CVE-2023-4311.json b/CVE-2023/CVE-2023-43xx/CVE-2023-4311.json new file mode 100644 index 00000000000..8ca0b729774 --- /dev/null +++ b/CVE-2023/CVE-2023-43xx/CVE-2023-4311.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-4311", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-18T20:15:08.397", + "lastModified": "2023-12-18T20:21:38.537", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 is vulnerable to arbitrary file upload due to insufficient checks in a plugin shortcode." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/21950116-1a69-4848-9da0-e912096c0fce", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-451xx/CVE-2023-45182.json b/CVE-2023/CVE-2023-451xx/CVE-2023-45182.json index bc685bd3c86..3afafa9195f 100644 --- a/CVE-2023/CVE-2023-451xx/CVE-2023-45182.json +++ b/CVE-2023/CVE-2023-451xx/CVE-2023-45182.json @@ -2,16 +2,40 @@ "id": "CVE-2023-45182", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-12-14T14:15:42.333", - "lastModified": "2023-12-14T14:49:08.357", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:40:38.003", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "\nIBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 is vulnerable to having its key for an encrypted password decoded. By somehow gaining access to the encrypted password, a local attacker could exploit this vulnerability to obtain the password to other systems. IBM X-Force ID: 268265.\n\n" + }, + { + "lang": "es", + "value": "IBM i Access Client Solutions 1.1.2 a 1.1.4 y 1.1.4.3 a 1.1.9.3 es vulnerable a que se decodifique su clave para una contrase\u00f1a cifrada. Al obtener acceso de alguna manera a la contrase\u00f1a cifrada, un atacante local podr\u00eda aprovechar esta vulnerabilidad para obtener la contrase\u00f1a de otros sistemas. ID de IBM X-Force: 268265." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.0, + "impactScore": 4.0 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -46,14 +70,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:i_access_client_solutions:*:*:*:*:*:*:*:*", + "versionStartIncluding": "1.1.2", + "versionEndIncluding": "1.1.4", + "matchCriteriaId": "531AF116-53A2-47C9-944E-C7E2CA2ADF9B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:i_access_client_solutions:*:*:*:*:*:*:*:*", + "versionStartIncluding": "1.1.4.3", + "versionEndExcluding": "1.1.9.4", + "matchCriteriaId": "C30A55A7-E0D8-48B0-96A7-7E93B9A14916" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/268265", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry" + ] }, { "url": "https://www.ibm.com/support/pages/node/7091942", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-451xx/CVE-2023-45185.json b/CVE-2023/CVE-2023-451xx/CVE-2023-45185.json index f10f842a931..4fa1231ee26 100644 --- a/CVE-2023/CVE-2023-451xx/CVE-2023-45185.json +++ b/CVE-2023/CVE-2023-451xx/CVE-2023-45185.json @@ -2,16 +2,40 @@ "id": "CVE-2023-45185", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-12-14T14:15:42.553", - "lastModified": "2023-12-14T14:49:08.357", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:52:58.937", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an attacker to execute remote code. Due to improper authority checks the attacker could perform operations on the PC under the user's authority. IBM X-Force ID: 268273." + }, + { + "lang": "es", + "value": "IBM i Access Client Solutions versiones 1.1.2 a 1.1.4 y 1.1.4.3 a 1.1.9.3 podr\u00edan permitir a un atacante ejecutar c\u00f3digo remoto. Debido a controles de autoridad inadecuados, el atacante podr\u00eda realizar operaciones en la PC bajo la autoridad del usuario. ID de IBM X-Force: 268273." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -36,8 +60,18 @@ }, "weaknesses": [ { - "source": "psirt@us.ibm.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + }, + { + "source": "psirt@us.ibm.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,14 +80,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:i_access_client_solutions:*:*:*:*:*:*:*:*", + "versionStartIncluding": "1.1.2", + "versionEndIncluding": "1.1.4", + "matchCriteriaId": "531AF116-53A2-47C9-944E-C7E2CA2ADF9B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:i_access_client_solutions:*:*:*:*:*:*:*:*", + "versionStartIncluding": "1.1.4.3", + "versionEndExcluding": "1.1.9.4", + "matchCriteriaId": "C30A55A7-E0D8-48B0-96A7-7E93B9A14916" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/268273", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry" + ] }, { "url": "https://www.ibm.com/support/pages/node/7091942", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-463xx/CVE-2023-46348.json b/CVE-2023/CVE-2023-463xx/CVE-2023-46348.json index b2e02b0d732..a816adf446f 100644 --- a/CVE-2023/CVE-2023-463xx/CVE-2023-46348.json +++ b/CVE-2023/CVE-2023-463xx/CVE-2023-46348.json @@ -2,19 +2,80 @@ "id": "CVE-2023-46348", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-14T09:15:42.060", - "lastModified": "2023-12-14T13:51:59.903", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:11:16.627", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "SQL njection vulnerability in SunnyToo sturls before version 1.1.13, allows attackers to escalate privileges and obtain sensitive information via StUrls::hookActionDispatcher and StUrls::getInstanceId methods." + }, + { + "lang": "es", + "value": "La vulnerabilidad de inyecci\u00f3n SQL en SunnyToo, existente antes de la versi\u00f3n 1.1.13, permite a los atacantes escalar privilegios y obtener informaci\u00f3n confidencial a trav\u00e9s de los m\u00e9todos StUrls::hookActionDispatcher y StUrls::getInstanceId." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sunnytoo:sturls:*:*:*:*:*:prestashop:*:*", + "versionEndExcluding": "1.1.13", + "matchCriteriaId": "B7CED269-0345-49D2-8694-ACA8D05A9557" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://security.friendsofpresta.org/modules/2023/12/07/sturls.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-467xx/CVE-2023-46750.json b/CVE-2023/CVE-2023-467xx/CVE-2023-46750.json index c17f6bad2e8..35de75e447e 100644 --- a/CVE-2023/CVE-2023-467xx/CVE-2023-46750.json +++ b/CVE-2023/CVE-2023-467xx/CVE-2023-46750.json @@ -2,15 +2,42 @@ "id": "CVE-2023-46750", "sourceIdentifier": "security@apache.org", "published": "2023-12-14T09:15:42.107", - "lastModified": "2023-12-14T13:51:59.903", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:10:48.703", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "URL Redirection to Untrusted Site ('Open Redirect') vulnerability when \"form\" authentication is used in Apache Shiro.\nMitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+.\n" + }, + { + "lang": "es", + "value": "Vulnerabilidad de redirecci\u00f3n de URL a un sitio que no es de confianza (\"Open Redirect\") cuando se utiliza la autenticaci\u00f3n de \"formulario\" en Apache Shiro. Mitigaci\u00f3n: actualice a Apache Shiro 1.13.0+ o 2.0.0-alpha-4+." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { "source": "security@apache.org", @@ -23,10 +50,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:shiro:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.13.0", + "matchCriteriaId": "4506F25B-7525-4608-9541-2FA9A31C72BF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:shiro:2.0.0:alpha1:*:*:*:*:*:*", + "matchCriteriaId": "27D6F919-851F-470D-A8E7-0F56C1EA16FC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:shiro:2.0.0:alpha2:*:*:*:*:*:*", + "matchCriteriaId": "A759179A-E4A9-4A6A-9CCB-5BB9CC73F7E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:shiro:2.0.0:alpha3:*:*:*:*:*:*", + "matchCriteriaId": "637D39D2-0D98-4137-8D48-C6D8834E07B3" + } + ] + } + ] + } + ], "references": [ { "url": "https://lists.apache.org/thread/hoc9zdyzmmrfj1zhctsvvtx844tcq6w9", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-46xx/CVE-2023-4694.json b/CVE-2023/CVE-2023-46xx/CVE-2023-4694.json index c8f2503f206..f253bc08ceb 100644 --- a/CVE-2023/CVE-2023-46xx/CVE-2023-4694.json +++ b/CVE-2023/CVE-2023-46xx/CVE-2023-4694.json @@ -2,19 +2,399 @@ "id": "CVE-2023-4694", "sourceIdentifier": "hp-security-alert@hp.com", "published": "2023-12-14T19:15:16.243", - "lastModified": "2023-12-14T19:26:01.850", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:03:32.283", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Certain HP OfficeJet Pro printers are potentially vulnerable to a Denial of Service when sending a SOAP message to the service on TCP port 3911 that contains a body but no header." + }, + { + "lang": "es", + "value": "Ciertas impresoras HP OfficeJet Pro son potencialmente vulnerables a una denegaci\u00f3n de servicio cuando env\u00edan un mensaje SOAP al servicio en el puerto TCP 3911 que contiene un cuerpo pero no un encabezado." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:officejet_pro_8730_d9l19a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "001.2337a", + "matchCriteriaId": "5730F0BD-29D0-498B-9FCB-D3EB7377E4E1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:officejet_pro_8730_d9l19a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E440F202-2295-40B3-90AA-3129649C123B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:officejet_pro_8730_m9l74a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "001.2337a", + "matchCriteriaId": "1EA12541-E23F-4C26-B4DA-0C672B9F6D71" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:officejet_pro_8730_m9l74a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "13EBE5A1-C167-41BC-B2C0-BF22B471A090" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:officejet_pro_8730_m9l75a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "001.2337a", + "matchCriteriaId": "91F42DA3-BF50-47BC-9054-ABC82E498EB1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:officejet_pro_8730_m9l75a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5B819FAC-E142-4D6A-98DB-F250B32E0B25" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:officejet_pro_8730_m9l76a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "001.2337a", + "matchCriteriaId": "2EBA5D52-98D1-4CC4-87A4-C1A1382B2FA3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:officejet_pro_8730_m9l76a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1A049AA9-3E05-4288-87A4-0F1C0508C522" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:officejet_pro_8730_j7a28a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "001.2337a", + "matchCriteriaId": "BB65EBDF-2004-44E9-B2C8-E86D6850747E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:officejet_pro_8730_j7a28a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "307C2270-0490-44B7-9780-9AE563EFF957" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:officejet_pro_8730_j7a31a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "001.2337a", + "matchCriteriaId": "703C1E0A-C797-4186-B02E-67E2330E4D7B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:officejet_pro_8730_j7a31a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9FAD4E78-2FD9-4376-BBFB-B8EB69E17EF2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:officejet_pro_8730_k7s34a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "001.2337a", + "matchCriteriaId": "CAE13BC1-BCF2-46F5-A3DE-54FFF698EE31" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:officejet_pro_8730_k7s34a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1702A3B0-7FFD-43BF-A84D-586B952FCCD8" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:officejet_pro_8730_k7s35a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "001.2337a", + "matchCriteriaId": "8CDF7B37-D477-455A-980D-063EC655DCA2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:officejet_pro_8730_k7s35a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B8B01D20-2D32-4167-A8DB-C055D6A2BE14" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:officejet_pro_8730_m9l80a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "001.2337a", + "matchCriteriaId": "0CCEC231-94FA-40CB-8F72-66FDAF1CDA2B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:officejet_pro_8730_m9l80a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "59276A6F-1EF8-4FB2-A396-3CE560A42B28" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:officejet_pro_8730_j7a29a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "001.2337a", + "matchCriteriaId": "748B52DA-0B3E-4814-AF66-C822166100EE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:officejet_pro_8730_j7a29a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "984FE27A-E901-4F19-86D1-D5C0A3D84D09" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:officejet_pro_8730_k7s36a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "001.2337a", + "matchCriteriaId": "32E3E2BA-7AE3-4711-9DBF-0884E81214D0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:officejet_pro_8730_k7s36a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "286E13FD-CD04-4335-AE81-8BEE5B1A8833" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hp:officejet_pro_8730_t0g54a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "001.2337a", + "matchCriteriaId": "4011B30E-00C3-46A3-A5FE-041F6CFBB31B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hp:officejet_pro_8730_t0g54a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C6E4DADD-5007-4960-8659-5FF681F6DD3C" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://support.hp.com/us-en/document/ish_9823639-9823677-16/hpsbpi03894", - "source": "hp-security-alert@hp.com" + "source": "hp-security-alert@hp.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-473xx/CVE-2023-47324.json b/CVE-2023/CVE-2023-473xx/CVE-2023-47324.json index 0045fca4b5b..0ae48a6582d 100644 --- a/CVE-2023/CVE-2023-473xx/CVE-2023-47324.json +++ b/CVE-2023/CVE-2023-473xx/CVE-2023-47324.json @@ -2,27 +2,94 @@ "id": "CVE-2023-47324", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-13T14:15:44.343", - "lastModified": "2023-12-13T14:27:24.453", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:02:11.057", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Silverpeas Core 6.3.1 is vulnerable to Cross Site Scripting (XSS) via the message/notification feature." + }, + { + "lang": "es", + "value": "Silverpeas Core 6.3.1 es vulnerable a Cross Site Scripting (XSS) a trav\u00e9s de la funci\u00f3n de mensaje/notificaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:silverpeas:silverpeas:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.3.2", + "matchCriteriaId": "F4C6E996-03CD-4BD3-A74F-A450CA1B0C0B" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "http://silverpeas.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47324", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/Silverpeas/Silverpeas-Core/pull/1298/commits", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-473xx/CVE-2023-47325.json b/CVE-2023/CVE-2023-473xx/CVE-2023-47325.json index 6bfe162dffa..f7cfd08a756 100644 --- a/CVE-2023/CVE-2023-473xx/CVE-2023-47325.json +++ b/CVE-2023/CVE-2023-473xx/CVE-2023-47325.json @@ -2,23 +2,87 @@ "id": "CVE-2023-47325", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-13T14:15:44.390", - "lastModified": "2023-12-13T14:27:24.453", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:04:38.347", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Silverpeas Core 6.3.1 administrative \"Bin\" feature is affected by broken access control. A user with low privileges is able to navigate directly to the bin, revealing all deleted spaces. The user can then restore or permanently delete the spaces." + }, + { + "lang": "es", + "value": "La funci\u00f3n administrativa \"Bin\" de Silverpeas Core 6.3.1 se ve afectada por un control de acceso roto. Un usuario con pocos privilegios puede navegar directamente a la papelera, revelando todos los espacios eliminados. Luego, el usuario puede restaurar o eliminar permanentemente los espacios." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:silverpeas:silverpeas:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.3.2", + "matchCriteriaId": "F4C6E996-03CD-4BD3-A74F-A450CA1B0C0B" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "http://silverpeas.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47325", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-473xx/CVE-2023-47326.json b/CVE-2023/CVE-2023-473xx/CVE-2023-47326.json index db06710fa56..fc7d09fecc0 100644 --- a/CVE-2023/CVE-2023-473xx/CVE-2023-47326.json +++ b/CVE-2023/CVE-2023-473xx/CVE-2023-47326.json @@ -2,23 +2,87 @@ "id": "CVE-2023-47326", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-13T14:15:44.437", - "lastModified": "2023-12-13T14:27:24.453", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:02:57.330", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Silverpeas Core 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) via the Domain SQL Create function." + }, + { + "lang": "es", + "value": "Silverpeas Core 6.3.1 es vulnerable a la cross-site request forgery (CSRF) a trav\u00e9s de la funci\u00f3n Domain SQL Create." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:silverpeas:silverpeas:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.3.2", + "matchCriteriaId": "F4C6E996-03CD-4BD3-A74F-A450CA1B0C0B" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "http://silverpeas.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47326", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-477xx/CVE-2023-47741.json b/CVE-2023/CVE-2023-477xx/CVE-2023-47741.json new file mode 100644 index 00000000000..5c4fdec0db5 --- /dev/null +++ b/CVE-2023/CVE-2023-477xx/CVE-2023-47741.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-47741", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2023-12-18T20:15:08.213", + "lastModified": "2023-12-18T20:21:38.537", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nIBM i 7.3, 7.4, 7.5, IBM i Db2 Mirror for i 7.4 and 7.5 web browser clients may leave clear-text passwords in browser memory that can be viewed using common browser tools before the memory is garbage collected. A malicious actor with access to the victim's PC could exploit this vulnerability to gain access to the IBM i operating system. IBM X-Force ID: 272532.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 4.0 + } + ] + }, + "references": [ + { + "url": "https://www.ibm.com/support/pages/node/7097785", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/7097801", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-47xx/CVE-2023-4724.json b/CVE-2023/CVE-2023-47xx/CVE-2023-4724.json new file mode 100644 index 00000000000..d230e85aeef --- /dev/null +++ b/CVE-2023/CVE-2023-47xx/CVE-2023-4724.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-4724", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-18T20:15:08.453", + "lastModified": "2023-12-18T20:21:38.537", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The Export any WordPress data to XML/CSV WordPress plugin before 1.4.0, WP All Export Pro WordPress plugin before 1.8.6 does not validate and sanitise the `wp_query` parameter which allows an attacker to run arbitrary command on the remote server" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/48820f1d-45cb-4f1f-990d-d132bfc5536f", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48444.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48444.json index 96630994b21..4d6e3563cff 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48444.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48444.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48444", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:11.080", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:19:44.247", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48445.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48445.json index 1148f8ec1e7..8c1b8c50298 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48445.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48445.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48445", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:11.280", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:19:36.650", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48446.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48446.json index 382cf5760da..f180fa03916 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48446.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48446.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48446", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:11.530", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:19:29.157", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48447.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48447.json index d59db090f4a..e7b9dfb5085 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48447.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48447.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48447", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:11.750", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:18:38.317", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48448.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48448.json index 900b3d8d578..7c476fb1b91 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48448.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48448.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48448", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:11.947", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:30:03.350", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48449.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48449.json index f6226282805..04fc42bd66d 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48449.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48449.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48449", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:12.150", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:29:57.413", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48450.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48450.json index 0b7ac18ad08..748bb9d9e63 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48450.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48450.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48450", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:12.350", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:29:50.117", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "psirt@adobe.com", "type": "Secondary", @@ -46,10 +66,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48451.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48451.json index 48e7a69bb15..2aad2366d18 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48451.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48451.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48451", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:12.550", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:29:41.433", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48452.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48452.json index 6729401516e..f3ea022211b 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48452.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48452.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48452", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:12.740", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:29:21.887", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48453.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48453.json index 6ae1180e4e2..04c47788965 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48453.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48453.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48453", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:12.943", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:29:14.580", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -35,6 +35,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "psirt@adobe.com", "type": "Secondary", @@ -46,10 +56,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48454.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48454.json index 233174fe04b..b662cdc0133 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48454.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48454.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48454", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:13.147", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:29:05.933", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48455.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48455.json index 5af3ad98439..330a4fa87b3 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48455.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48455.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48455", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:13.343", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:28:50.107", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48456.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48456.json index 779b616ce78..d9056cea8a1 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48456.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48456.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48456", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:13.540", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:28:40.983", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48457.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48457.json index 48fbe183013..7259fa73962 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48457.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48457.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48457", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:13.737", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:28:33.020", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48458.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48458.json index 834c9d9044b..1daf73c8ef4 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48458.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48458.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48458", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:13.937", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:28:27.003", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "psirt@adobe.com", "type": "Secondary", @@ -46,10 +66,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48459.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48459.json index b13d3d346eb..eb289737cd7 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48459.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48459.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48459", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:14.143", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:28:16.717", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -35,6 +35,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "psirt@adobe.com", "type": "Secondary", @@ -46,10 +56,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48460.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48460.json index 5adf5784a8b..ee82520dc9a 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48460.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48460.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48460", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:14.337", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:28:04.457", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48461.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48461.json index 7beed04cb22..f9daf00ebc8 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48461.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48461.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48461", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:14.550", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:20:49.760", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48462.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48462.json index a4051f8d959..7515cb6124a 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48462.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48462.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48462", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:14.747", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:20:42.610", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48463.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48463.json index f942c8d63d7..8427427f655 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48463.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48463.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48463", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:14.947", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:20:36.650", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48464.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48464.json index 8ed0051f242..8d0504814f2 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48464.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48464.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48464", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:15.150", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:20:17.960", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48465.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48465.json index 9bc76d2038c..fbba6f5ed22 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48465.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48465.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48465", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:15.350", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:20:11.827", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48466.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48466.json index c81129ef047..7eb2023d8a3 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48466.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48466.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48466", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:15.560", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:20:03.613", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48467.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48467.json index 7db35d6c98a..b0958bf5e5f 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48467.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48467.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48467", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:15.763", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:19:56.017", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48468.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48468.json index 5544ca847a6..2a1fa9105b9 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48468.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48468.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48468", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:15.960", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:16:47.773", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48469.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48469.json index 9149fb8b37d..2a8155dd21d 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48469.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48469.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48469", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:16.173", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:16:55.723", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48470.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48470.json index 316492a71cd..501065902e8 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48470.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48470.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48470", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:16.373", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:17:04.237", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "psirt@adobe.com", "type": "Secondary", @@ -46,10 +66,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48471.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48471.json index 742cc1e3862..3d8d4ae90d2 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48471.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48471.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48471", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:16.610", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:17:11.100", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48472.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48472.json index b24493f886b..aa2b384a938 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48472.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48472.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48472", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:16.830", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:17:18.410", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48473.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48473.json index c8707453112..4f016b143b0 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48473.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48473.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48473", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:17.037", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:31:56.123", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48474.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48474.json index 251bc818b7d..f7b227f514c 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48474.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48474.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48474", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:17.243", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:34:01.420", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48475.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48475.json index 02af3d7c30b..749385f8906 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48475.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48475.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48475", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:17.447", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:33:55.840", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48476.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48476.json index 7ef22dba4b9..ff7c4dcb56a 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48476.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48476.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48476", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:17.650", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:33:47.790", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "psirt@adobe.com", "type": "Secondary", @@ -46,10 +66,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48477.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48477.json index 2f8849bddce..362c0745fb9 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48477.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48477.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48477", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:17.843", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:33:40.933", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -35,6 +35,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "psirt@adobe.com", "type": "Secondary", @@ -46,10 +56,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48478.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48478.json index 8565a1feac5..aa601a93cdd 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48478.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48478.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48478", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:18.040", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:33:34.763", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -35,6 +35,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "psirt@adobe.com", "type": "Secondary", @@ -46,10 +56,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48479.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48479.json index 16069b97c56..4ee0015f594 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48479.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48479.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48479", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:18.240", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:33:27.920", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48480.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48480.json index 1899d72bad4..5114dff0119 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48480.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48480.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48480", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:18.433", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:33:23.117", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48481.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48481.json index f06a6026b4c..9ddabcdce34 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48481.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48481.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48481", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:18.633", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:33:17.937", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48482.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48482.json index 3abce476b8c..8acea2a0b48 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48482.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48482.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48482", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:18.827", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:33:06.527", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48483.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48483.json index b6d2c8649df..402b974c1db 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48483.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48483.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48483", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:19.017", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:33:00.380", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48484.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48484.json index 6d2b9638698..c69c07ae974 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48484.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48484.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48484", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:19.220", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:32:53.883", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48485.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48485.json index 0c2ac344f10..2494cf05f87 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48485.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48485.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48485", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:19.413", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:32:46.707", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48486.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48486.json index 69d682df5cc..80af3d15e54 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48486.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48486.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48486", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:19.620", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:32:40.060", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "psirt@adobe.com", "type": "Secondary", @@ -46,10 +66,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48487.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48487.json index 34f4e6add38..636a5d2c730 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48487.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48487.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48487", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:19.817", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:32:32.333", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48488.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48488.json index ae54ac240b0..38dcc2b9a45 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48488.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48488.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48488", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:20.023", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:32:27.590", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48489.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48489.json index 0d05fd6e32f..dacbb75f72b 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48489.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48489.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48489", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:20.233", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:32:21.997", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48490.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48490.json index a8530832e9f..6c68f41eeea 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48490.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48490.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48490", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:20.450", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:32:17.433", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48491.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48491.json index 5b16e279c68..815c23be66d 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48491.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48491.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48491", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:20.660", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:32:13.637", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48492.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48492.json index 63976778d50..2f93c6bf961 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48492.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48492.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48492", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:20.863", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:32:09.133", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48493.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48493.json index 54d5bfcdf27..a5622b486c8 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48493.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48493.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48493", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:21.063", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:17:25.410", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48494.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48494.json index a4506f30095..c8456d61057 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48494.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48494.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48494", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:21.260", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:17:35.447", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48495.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48495.json index 7e10832a5ba..69056c8eaae 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48495.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48495.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48495", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:21.467", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:17:43.190", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48496.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48496.json index 920acd41483..67ff12b13c7 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48496.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48496.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48496", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:21.667", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:17:49.213", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48497.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48497.json index 3ea79a4d5db..130cf6f74f1 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48497.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48497.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48497", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:21.867", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:18:05.297", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "psirt@adobe.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "psirt@adobe.com", "type": "Secondary", @@ -46,10 +76,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48498.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48498.json index 49d4bce986a..437ea617b19 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48498.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48498.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48498", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:22.073", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:18:12.163", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-484xx/CVE-2023-48499.json b/CVE-2023/CVE-2023-484xx/CVE-2023-48499.json index d186b923170..fbdd96e1c9e 100644 --- a/CVE-2023/CVE-2023-484xx/CVE-2023-48499.json +++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48499.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48499", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:22.290", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:18:19.413", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48500.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48500.json index f86a512178f..290488c3d3b 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48500.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48500.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48500", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:22.493", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:18:32.030", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48501.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48501.json index 09be113c33d..0554c8db206 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48501.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48501.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48501", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:22.687", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:18:39.233", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48502.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48502.json index 91deae84464..910a00e6e4f 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48502.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48502.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48502", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:22.887", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:19:24.380", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48503.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48503.json index 6f3d0395b10..871fbd7410d 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48503.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48503.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48503", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:23.083", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:18:51.837", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48504.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48504.json index a04c94011ab..bcfd9760997 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48504.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48504.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48504", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:23.280", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:19:02.503", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -35,6 +35,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "psirt@adobe.com", "type": "Secondary", @@ -46,10 +56,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48505.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48505.json index 9bae2b2874d..ec295c336a1 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48505.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48505.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48505", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:23.480", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:19:08.870", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48506.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48506.json index 3bfdd9afbfe..41ff3e63344 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48506.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48506.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48506", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:23.673", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:19:16.477", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48507.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48507.json index 0128f9534aa..903f5a1457e 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48507.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48507.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48507", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:23.870", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:23:31.203", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48508.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48508.json index 053abf693be..3cf54e2181d 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48508.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48508.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48508", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:24.063", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:23:51.017", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48509.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48509.json index b88e34ecdf8..849898ceace 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48509.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48509.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48509", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:24.267", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:24:00.700", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48510.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48510.json index 2e188c5ceec..f36beb49456 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48510.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48510.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48510", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:24.470", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:24:16.337", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "psirt@adobe.com", "type": "Secondary", @@ -46,10 +66,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48511.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48511.json index fcb55c9babb..b3c78086f22 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48511.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48511.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48511", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:24.670", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:24:42.530", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48512.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48512.json index 13a493009da..bb36e91ec0e 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48512.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48512.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48512", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:24.863", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:24:53.400", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -35,6 +35,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "psirt@adobe.com", "type": "Secondary", @@ -46,10 +56,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48513.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48513.json index 4e4e5885bd0..df566750b93 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48513.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48513.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48513", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:25.057", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:25:00.740", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48514.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48514.json index dd998ad5e48..9ff990ac1d7 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48514.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48514.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48514", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:25.267", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:25:09.357", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48515.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48515.json index 8fcb210cb0d..8dd897a7adf 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48515.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48515.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48515", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:25.460", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:25:17.843", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48516.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48516.json index 9b162c36a21..aa6b9cb27d6 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48516.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48516.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48516", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:25.677", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:25:34.897", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48517.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48517.json index 96ce6b43415..3a30f70dbfa 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48517.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48517.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48517", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:25.880", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:25:46.927", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48518.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48518.json index c6388336cf1..b6e04d3d876 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48518.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48518.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48518", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:26.090", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:25:53.147", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48519.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48519.json index a54085a4932..cd11a225d11 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48519.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48519.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48519", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:26.293", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:26:03.490", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "psirt@adobe.com", "type": "Secondary", @@ -46,10 +66,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48520.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48520.json index cf0999e9444..0879941ee2f 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48520.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48520.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48520", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:26.500", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:26:11.347", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48521.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48521.json index df4c3749973..8e0e2d65ed2 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48521.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48521.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48521", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:26.690", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:26:17.700", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48522.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48522.json index d3aeb1feb7b..9ad3dea3809 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48522.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48522.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48522", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:26.947", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:26:31.800", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48523.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48523.json index d394753796a..1c4ae97911a 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48523.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48523.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48523", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:27.143", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:26:40.617", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48524.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48524.json index 85486414715..3254c01253f 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48524.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48524.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48524", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:27.350", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:26:52.170", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48525.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48525.json index c2e48101a81..88b470d4216 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48525.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48525.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48525", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:27.577", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:28:40.857", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48526.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48526.json index 30fa945079e..ee948e36594 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48526.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48526.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48526", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:27.810", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:28:48.827", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48527.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48527.json index 59445ebbe79..e1063c3fc78 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48527.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48527.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48527", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:28.017", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:28:56.730", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -35,6 +35,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "psirt@adobe.com", "type": "Secondary", @@ -46,10 +56,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48528.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48528.json index 142b9ef535d..a8979fcf2fb 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48528.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48528.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48528", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:28.210", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:29:03.957", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "psirt@adobe.com", "type": "Secondary", @@ -46,10 +66,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48529.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48529.json index d11cc3dc5fa..971cd24e5ec 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48529.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48529.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48529", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:28.410", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:29:09.833", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48530.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48530.json index 48e7ded1e99..93d724ecbb4 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48530.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48530.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48530", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:28.607", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:29:21.410", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -35,6 +35,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "psirt@adobe.com", "type": "Secondary", @@ -46,10 +56,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48531.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48531.json index 6aea0f7e98e..69cef4dfafc 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48531.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48531.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48531", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:28.810", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:29:33.500", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "psirt@adobe.com", "type": "Secondary", @@ -46,10 +66,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48532.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48532.json index 268135d2436..2ce717f107d 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48532.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48532.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48532", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:28.997", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:29:39.520", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48533.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48533.json index 95437b2e64c..802a54dd1ae 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48533.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48533.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48533", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:29.197", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:30:31.487", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48534.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48534.json index 815d24d1250..42d581a3644 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48534.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48534.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48534", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:29.393", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:36:34.027", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48535.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48535.json index bde2dfceb8a..b1e974e7b92 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48535.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48535.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48535", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:29.600", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:36:25.687", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48536.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48536.json index 67e641ac826..72d83f70be7 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48536.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48536.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48536", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:29.797", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:36:19.380", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48537.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48537.json index 598cb12f8c8..3284f16e172 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48537.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48537.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48537", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:29.993", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:36:13.320", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48538.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48538.json index 7713e272b87..604ae530548 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48538.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48538.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48538", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:30.193", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:36:06.677", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -35,6 +35,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "psirt@adobe.com", "type": "Secondary", @@ -46,10 +56,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48539.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48539.json index 370a608bec7..887501f8325 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48539.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48539.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48539", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:30.417", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:35:58.943", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48540.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48540.json index c45e4995c54..6db955648f8 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48540.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48540.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48540", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:30.633", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:35:36.597", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48541.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48541.json index 66498f4b337..476dd351237 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48541.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48541.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48541", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:30.823", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:35:43.487", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48542.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48542.json index a04c77c4014..f95f5ed8093 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48542.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48542.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48542", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:31.010", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:35:30.380", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "psirt@adobe.com", "type": "Secondary", @@ -46,10 +66,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48543.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48543.json index bd55d5abd88..a8daf52a9b6 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48543.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48543.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48543", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:31.210", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:35:22.643", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48544.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48544.json index 8f98e54105a..6702ff95ebe 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48544.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48544.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48544", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:31.417", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:35:08.170", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48545.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48545.json index 3127e2bb3d8..9fbff4ad454 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48545.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48545.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48545", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:31.617", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:34:54.843", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48546.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48546.json index 8fc76651f9b..e582423bb5e 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48546.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48546.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48546", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:31.813", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:34:48.300", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48547.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48547.json index 66ef6719cf4..ea51b5368f7 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48547.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48547.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48547", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:32.023", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:34:38.533", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48548.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48548.json index e28ddb0d73e..4e23acce19b 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48548.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48548.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48548", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:32.217", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:34:32.257", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48549.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48549.json index fb9d00a8ecd..dfd58e36225 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48549.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48549.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48549", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:32.413", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:34:23.420", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48550.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48550.json index 3aebeb5e049..738a66cf7a4 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48550.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48550.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48550", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:32.627", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:34:16.303", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48551.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48551.json index 76a8670bece..8b3e62f39e6 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48551.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48551.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48551", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:32.840", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:34:05.903", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48552.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48552.json index 34e3bcd3fa9..d6207d7033f 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48552.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48552.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48552", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:33.037", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:31:52.600", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -35,6 +35,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "psirt@adobe.com", "type": "Secondary", @@ -46,10 +56,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48553.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48553.json index 472bd7eb644..39366f0fd35 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48553.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48553.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48553", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:33.237", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:31:59.470", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48554.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48554.json index e44a4efc191..deee5c88b9b 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48554.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48554.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48554", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:33.437", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:32:08.223", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "psirt@adobe.com", "type": "Secondary", @@ -46,10 +66,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48555.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48555.json index 75537279a33..723159d90e5 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48555.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48555.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48555", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:33.630", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:32:16.557", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-485xx/CVE-2023-48556.json b/CVE-2023/CVE-2023-485xx/CVE-2023-48556.json index f219bd9f8c1..37cca0f731d 100644 --- a/CVE-2023/CVE-2023-485xx/CVE-2023-48556.json +++ b/CVE-2023/CVE-2023-485xx/CVE-2023-48556.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48556", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-15T11:15:33.827", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:32:24.067", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.5.18.0", + "matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.11", + "matchCriteriaId": "F56D8A34-1B33-4D89-963A-DAF530E621E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-486xx/CVE-2023-48631.json b/CVE-2023/CVE-2023-486xx/CVE-2023-48631.json index 2d1ae4e6ad1..e24a8b218f5 100644 --- a/CVE-2023/CVE-2023-486xx/CVE-2023-48631.json +++ b/CVE-2023/CVE-2023-486xx/CVE-2023-48631.json @@ -2,19 +2,43 @@ "id": "CVE-2023-48631", "sourceIdentifier": "psirt@adobe.com", "published": "2023-12-14T13:15:54.250", - "lastModified": "2023-12-14T13:51:59.903", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:14:50.077", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "@adobe/css-tools versions 4.3.1 and earlier are affected by an Improper Input Validation vulnerability that could result in a denial of service while attempting to parse CSS." + }, + { + "lang": "es", + "value": "Las versiones 4.3.1 y anteriores de @adobe/css-tools se ven afectadas por una vulnerabilidad de validaci\u00f3n de entrada incorrecta que podr\u00eda provocar una denegaci\u00f3n de servicio al intentar analizar CSS." } ], "metrics": { "cvssMetricV31": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", @@ -36,8 +60,18 @@ }, "weaknesses": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-1333" + } + ] + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +80,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:css-tools:*:*:*:*:*:node.js:*:*", + "versionEndExcluding": "4.3.2", + "matchCriteriaId": "1C4CDB91-B31E-4570-A6D8-0D5A19DFD877" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/adobe/css-tools/security/advisories/GHSA-prr3-c3m5-p7q2", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-487xx/CVE-2023-48702.json b/CVE-2023/CVE-2023-487xx/CVE-2023-48702.json index 26b1e4cd2b3..af041d77b90 100644 --- a/CVE-2023/CVE-2023-487xx/CVE-2023-48702.json +++ b/CVE-2023/CVE-2023-487xx/CVE-2023-48702.json @@ -2,16 +2,40 @@ "id": "CVE-2023-48702", "sourceIdentifier": "security-advisories@github.com", "published": "2023-12-13T21:15:07.847", - "lastModified": "2023-12-13T21:25:53.887", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:10:51.197", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Jellyfin is a system for managing and streaming media. Prior to version 10.8.13, the `/System/MediaEncoder/Path` endpoint executes an arbitrary file using `ProcessStartInfo` via the `ValidateVersion` function. A malicious administrator can setup a network share and supply a UNC path to `/System/MediaEncoder/Path` which points to an executable on the network share, causing Jellyfin server to run the executable in the local context. The endpoint was removed in version 10.8.13." + }, + { + "lang": "es", + "value": "Jellyfin es un sistema para gestionar y transmitir medios. Antes de la versi\u00f3n 10.8.13, el endpoint `/System/MediaEncoder/Path` ejecuta un archivo arbitrario usando `ProcessStartInfo` a trav\u00e9s de la funci\u00f3n `ValidateVersion`. Un administrador malintencionado puede configurar un recurso compartido de red y proporcionar una ruta UNC a `/System/MediaEncoder/Path` que apunta a un ejecutable en el recurso compartido de red, lo que hace que el servidor Jellyfin ejecute el ejecutable en el contexto local. El endpoint se elimin\u00f3 en la versi\u00f3n 10.8.13." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,18 +70,47 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jellyfin:jellyfin:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.8.13", + "matchCriteriaId": "93D6F598-55D9-4041-BED8-4448226B5EFF" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/jellyfin/jellyfin/commit/83d2c69516471e2db72d9273c6a04247d0f37c86", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/jellyfin/jellyfin/security/advisories/GHSA-rr9h-w522-cvmr", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://securitylab.github.com/advisories/GHSL-2023-028_jellyfin/", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-487xx/CVE-2023-48756.json b/CVE-2023/CVE-2023-487xx/CVE-2023-48756.json index f39b8127a5d..64b4091a3b1 100644 --- a/CVE-2023/CVE-2023-487xx/CVE-2023-48756.json +++ b/CVE-2023/CVE-2023-487xx/CVE-2023-48756.json @@ -2,16 +2,40 @@ "id": "CVE-2023-48756", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-14T17:15:08.187", - "lastModified": "2023-12-14T17:17:50.580", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:06:14.257", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetBlocks For Elementor allows Reflected XSS.This issue affects JetBlocks For Elementor: from n/a through 1.3.8.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-Site Scripting') en Crocoblock JetBlocks For Elementor permite Reflected XSS. Este problema afecta a JetBlocks For Elementor: desde n/a hasta 1.3.8." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:motopress:jetblocks_for_elementor:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.3.8", + "matchCriteriaId": "03ED5F19-19B4-4F6A-AA25-5AB8EF05219B" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/jet-blocks/wordpress-jetblocks-for-elementor-plugin-1-3-8-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-487xx/CVE-2023-48767.json b/CVE-2023/CVE-2023-487xx/CVE-2023-48767.json index e8e11edbfa3..a63dd62ee06 100644 --- a/CVE-2023/CVE-2023-487xx/CVE-2023-48767.json +++ b/CVE-2023/CVE-2023-487xx/CVE-2023-48767.json @@ -2,16 +2,40 @@ "id": "CVE-2023-48767", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-14T17:15:08.380", - "lastModified": "2023-12-14T17:17:50.580", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:04:15.333", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Raghu Goriya MyTube PlayList allows Reflected XSS.This issue affects MyTube PlayList: from n/a through 2.0.3.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en Raghu Goriya MyTube PlayList permite Reflected XSS. Este problema afecta a MyTube PlayList: desde n/a hasta 2.0.3." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +80,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tes-india:mytube_playlist:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.0.3", + "matchCriteriaId": "EA042807-D2F7-49AB-A6D0-CBBFB303A509" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/mytube/wordpress-mytube-playlist-plugin-2-0-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-487xx/CVE-2023-48795.json b/CVE-2023/CVE-2023-487xx/CVE-2023-48795.json index eb542405c27..8556805c95f 100644 --- a/CVE-2023/CVE-2023-487xx/CVE-2023-48795.json +++ b/CVE-2023/CVE-2023-487xx/CVE-2023-48795.json @@ -2,12 +2,12 @@ "id": "CVE-2023-48795", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-18T16:15:10.897", - "lastModified": "2023-12-18T18:15:08.033", + "lastModified": "2023-12-18T19:15:08.623", "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", - "value": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, and golang.org/x/crypto before 0.17.0; and there could be effects on Bitvise SSH through 9.31 and libssh through 0.10.5." + "value": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, and libssh before 0.10.6; and there could be effects on Bitvise SSH through 9.31." } ], "metrics": {}, @@ -16,6 +16,10 @@ "url": "http://www.openwall.com/lists/oss-security/2023/12/18/3", "source": "cve@mitre.org" }, + { + "url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6", + "source": "cve@mitre.org" + }, { "url": "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0", "source": "cve@mitre.org" @@ -32,6 +36,10 @@ "url": "https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25", "source": "cve@mitre.org" }, + { + "url": "https://github.com/mwiede/jsch/issues/457", + "source": "cve@mitre.org" + }, { "url": "https://github.com/openssh/openssh-portable/commits/master", "source": "cve@mitre.org" diff --git a/CVE-2023/CVE-2023-489xx/CVE-2023-48925.json b/CVE-2023/CVE-2023-489xx/CVE-2023-48925.json index b5309e4a536..a09954d5861 100644 --- a/CVE-2023/CVE-2023-489xx/CVE-2023-48925.json +++ b/CVE-2023/CVE-2023-489xx/CVE-2023-48925.json @@ -2,19 +2,80 @@ "id": "CVE-2023-48925", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-14T09:15:42.193", - "lastModified": "2023-12-14T13:51:59.903", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:15:01.480", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in Buy Addons bavideotab before version 1.0.6, allows attackers to escalate privileges and obtain sensitive information via the component BaVideoTabSaveVideoModuleFrontController::run()." + }, + { + "lang": "es", + "value": "Vulnerabilidad de inyecci\u00f3n SQL en Buy Addons bavideotab anterior a la versi\u00f3n 1.0.6, permite a los atacantes escalar privilegios y obtener informaci\u00f3n confidencial a trav\u00e9s del componente BaVideoTabSaveVideoModuleFrontController::run()." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:buy-addons:bavideotab:*:*:*:*:*:prestashop:*:*", + "versionEndExcluding": "1.0.6", + "matchCriteriaId": "201918AF-0ACE-484B-B93B-DC9FD702030D" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://security.friendsofpresta.org/modules/2023/12/07/bavideotab.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-491xx/CVE-2023-49171.json b/CVE-2023/CVE-2023-491xx/CVE-2023-49171.json index a80c120d477..cde3b6f4b1c 100644 --- a/CVE-2023/CVE-2023-491xx/CVE-2023-49171.json +++ b/CVE-2023/CVE-2023-491xx/CVE-2023-49171.json @@ -2,16 +2,40 @@ "id": "CVE-2023-49171", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-14T16:15:50.487", - "lastModified": "2023-12-14T17:17:54.510", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:49:23.357", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TheInnovs Innovs HR \u2013 Complete Human Resource Management System for Your Business allows Reflected XSS.This issue affects Innovs HR \u2013 Complete Human Resource Management System for Your Business: from n/a through 1.0.3.4.\n\n" + }, + { + "lang": "es", + "value": "Neutralizaci\u00f3n inadecuada de la entrada durante la vulnerabilidad de generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en TheInnovs Innovs HR \u2013 Complete Human Resource Management System for Your Business permite Reflected XSS. Este problema afecta a Innovs HR \u2013 Complete Human Resource Management System for Your Business: desde n/a hasta 1.0.3.4." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:theinnovs:innovs_hr:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.0.3.4", + "matchCriteriaId": "1A17A722-20F9-4B39-B9AB-608AA4E7621A" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/innovs-hr-manager/wordpress-innovs-hr-plugin-1-0-3-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-491xx/CVE-2023-49172.json b/CVE-2023/CVE-2023-491xx/CVE-2023-49172.json index 181c6ab31d7..3c1d3449976 100644 --- a/CVE-2023/CVE-2023-491xx/CVE-2023-49172.json +++ b/CVE-2023/CVE-2023-491xx/CVE-2023-49172.json @@ -2,16 +2,40 @@ "id": "CVE-2023-49172", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-14T16:15:50.807", - "lastModified": "2023-12-14T17:17:54.510", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:49:11.653", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BrainCert BrainCert \u2013 HTML5 Virtual Classroom allows Reflected XSS.This issue affects BrainCert \u2013 HTML5 Virtual Classroom: from n/a through 1.30.\n\n" + }, + { + "lang": "es", + "value": "Neutralizaci\u00f3n inadecuada de la entrada durante la vulnerabilidad de generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en BrainCert BrainCert \u2013 HTML5 Virtual Classroom permite XSS reflejado. Este problema afecta a BrainCert \u2013 HTML5 Virtual Classroom: desde n/a hasta 1.30." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:braincert:virtual_classroom_api:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.30", + "matchCriteriaId": "721506BB-96BD-4560-8F80-0EF10EC5FD64" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/html5-virtual-classroom/wordpress-braincert-html5-virtual-classroom-plugin-1-30-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-491xx/CVE-2023-49173.json b/CVE-2023/CVE-2023-491xx/CVE-2023-49173.json index d49db456b5e..d1ef362f79e 100644 --- a/CVE-2023/CVE-2023-491xx/CVE-2023-49173.json +++ b/CVE-2023/CVE-2023-491xx/CVE-2023-49173.json @@ -2,16 +2,40 @@ "id": "CVE-2023-49173", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-14T16:15:51.013", - "lastModified": "2023-12-14T17:17:54.510", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:48:59.517", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 10to8 Sign In Scheduling Online Appointment Booking System allows Stored XSS.This issue affects Sign In Scheduling Online Appointment Booking System: from n/a through 1.0.9.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en 10to8 Sign In Scheduling Online Appointment Booking System permite almacenar XSS. Este problema afecta a Sign In Scheduling Online Appointment Booking System: desde n/a hasta 1.0.9." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:10to8:sign_in_scheduling_online_appointment_booking_system:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.0.9", + "matchCriteriaId": "4DED3887-548A-4243-9AD1-7BB3D03040FF" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/10to8-online-booking/wordpress-10to8-online-appointment-booking-system-plugin-1-0-9-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-491xx/CVE-2023-49195.json b/CVE-2023/CVE-2023-491xx/CVE-2023-49195.json index c684d2570e0..8e01d5fd9c5 100644 --- a/CVE-2023/CVE-2023-491xx/CVE-2023-49195.json +++ b/CVE-2023/CVE-2023-491xx/CVE-2023-49195.json @@ -2,16 +2,40 @@ "id": "CVE-2023-49195", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-14T16:15:51.227", - "lastModified": "2023-12-14T17:17:54.510", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:48:51.397", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kyle Phillips Nested Pages allows Stored XSS.This issue affects Nested Pages: from n/a through 3.2.6.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en Kyle Phillips Nested Pages permite almacenar XSS. Este problema afecta a Nested Pages: desde n/a hasta 3.2.6." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:kylephillips:nested_pages:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.2.6", + "matchCriteriaId": "F08C8098-2595-4AF9-9F80-F0CC607171C0" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/wp-nested-pages/wordpress-nested-pages-plugin-3-2-6-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-495xx/CVE-2023-49581.json b/CVE-2023/CVE-2023-495xx/CVE-2023-49581.json index 03d5094eac7..8d6418e3e89 100644 --- a/CVE-2023/CVE-2023-495xx/CVE-2023-49581.json +++ b/CVE-2023/CVE-2023-495xx/CVE-2023-49581.json @@ -2,8 +2,8 @@ "id": "CVE-2023-49581", "sourceIdentifier": "cna@sap.com", "published": "2023-12-12T02:15:07.710", - "lastModified": "2023-12-12T13:43:48.853", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:03:32.293", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW", + "baseScore": 9.4, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.5 + }, { "source": "cna@sap.com", "type": "Secondary", @@ -40,8 +60,18 @@ }, "weaknesses": [ { - "source": "cna@sap.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + }, + { + "source": "cna@sap.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -50,14 +80,53 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:700:*:*:*:sap_basis:*:*:*", + "matchCriteriaId": "6F048ED9-2DDF-4EB9-8571-73832AFABF6A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:731:*:*:*:sap_basis:*:*:*", + "matchCriteriaId": "4EB54432-0E1A-45F2-BEE1-8DC28FAADA9F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:740:*:*:*:sap_basis:*:*:*", + "matchCriteriaId": "8E96C58C-ED44-487B-A67E-FDAE3C29023A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:750:*:*:*:sap_basis:*:*:*", + "matchCriteriaId": "A14DF5EB-B8CE-4A47-9959-2F65A5DCEF5F" + } + ] + } + ] + } + ], "references": [ { "url": "https://me.sap.com/notes/3392547", - "source": "cna@sap.com" + "source": "cna@sap.com", + "tags": [ + "Permissions Required", + "Vendor Advisory" + ] }, { "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", - "source": "cna@sap.com" + "source": "cna@sap.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-497xx/CVE-2023-49766.json b/CVE-2023/CVE-2023-497xx/CVE-2023-49766.json index eb1375b9739..35d832cf5e5 100644 --- a/CVE-2023/CVE-2023-497xx/CVE-2023-49766.json +++ b/CVE-2023/CVE-2023-497xx/CVE-2023-49766.json @@ -2,16 +2,40 @@ "id": "CVE-2023-49766", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-14T16:15:51.447", - "lastModified": "2023-12-14T17:17:54.510", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:48:14.307", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Ultimate Addons for Contact Form 7 allows Stored XSS.This issue affects Ultimate Addons for Contact Form 7: from n/a through 3.2.0.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-Site Scripting') en Themefic Ultimate Addons for Contact Form 7 permite almacenar XSS. Este problema afecta a Ultimate Addons for Contact Form 7: desde n/a hasta 3.2.0." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:themefic:ultimate_addons_for_contact_form_7:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.2.0", + "matchCriteriaId": "CC41CFD9-A47C-4804-8DBD-427A7F6170BD" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/ultimate-addons-for-contact-form-7/wordpress-ultimate-addons-for-contact-form-7-plugin-3-2-0-unauthenticated-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-497xx/CVE-2023-49771.json b/CVE-2023/CVE-2023-497xx/CVE-2023-49771.json index f01237a0579..5d176c2f2b6 100644 --- a/CVE-2023/CVE-2023-497xx/CVE-2023-49771.json +++ b/CVE-2023/CVE-2023-497xx/CVE-2023-49771.json @@ -2,16 +2,40 @@ "id": "CVE-2023-49771", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-14T16:15:51.863", - "lastModified": "2023-12-14T17:17:54.510", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:48:00.757", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Peter Raschendorfer Smart External Link Click Monitor [Link Log] allows Reflected XSS.This issue affects Smart External Link Click Monitor [Link Log]: from n/a through 5.0.2.\n\n" + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en Peter Raschendorfer Smart External Link Click Monitor [Link Log] permite XSS reflejado. Este problema afecta a Smart External Link Click Monitor [Link Log]: de n/a hasta 5.0.2." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:petersplugins:link_log:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "5.0.2", + "matchCriteriaId": "8184F3F6-9B3D-4108-9E94-9C463CC8F2FA" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/link-log/wordpress-smart-external-link-click-monitor-link-log-plugin-5-0-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-498xx/CVE-2023-49813.json b/CVE-2023/CVE-2023-498xx/CVE-2023-49813.json index b4c2d9e5b37..a83b618b840 100644 --- a/CVE-2023/CVE-2023-498xx/CVE-2023-49813.json +++ b/CVE-2023/CVE-2023-498xx/CVE-2023-49813.json @@ -2,16 +2,40 @@ "id": "CVE-2023-49813", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-14T16:15:52.080", - "lastModified": "2023-12-14T17:17:54.510", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:47:50.223", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Stored XSS.This issue affects WP Photo Album Plus: from n/a through 8.5.02.005.\n\n" + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus permite almacenar XSS. Este problema afecta a WP Photo Album Plus: desde n/a hasta 8.5.02.005." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wp_photo_album_plus_project:wp_photo_album_plus:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "8.5.02.005", + "matchCriteriaId": "D2F8FE66-790E-4547-8005-292FA74149A1" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/wp-photo-album-plus/wordpress-wp-photo-album-plus-plugin-8-5-02-005-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-498xx/CVE-2023-49820.json b/CVE-2023/CVE-2023-498xx/CVE-2023-49820.json index e42297d3891..fa9cc033dc4 100644 --- a/CVE-2023/CVE-2023-498xx/CVE-2023-49820.json +++ b/CVE-2023/CVE-2023-498xx/CVE-2023-49820.json @@ -2,16 +2,40 @@ "id": "CVE-2023-49820", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-14T16:15:52.323", - "lastModified": "2023-12-14T17:17:54.510", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:47:40.197", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gordon B\u00f6hme, Antonio Leutsch Structured Content (JSON-LD) #wpsc allows Stored XSS.This issue affects Structured Content (JSON-LD) #wpsc: from n/a through 1.5.3.\n\n" + }, + { + "lang": "es", + "value": "Neutralizaci\u00f3n inadecuada de la entrada durante la vulnerabilidad de generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Gordon B\u00f6hme, Antonio Leutsch Structured Content (JSON-LD) #wpsc permite almacenar XSS. Este problema afecta a Structured Content (JSON-LD) #wpsc: de n/a hasta 1.5.3." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpsc-plugin:structured_content:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.5.3", + "matchCriteriaId": "2FD50FCD-BEBF-40A1-836C-BC34EB1214CE" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/structured-content/wordpress-structured-content-json-ld-wpsc-plugin-1-5-3-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-498xx/CVE-2023-49827.json b/CVE-2023/CVE-2023-498xx/CVE-2023-49827.json index 0478fcbd5c2..cd5fa7ae6f0 100644 --- a/CVE-2023/CVE-2023-498xx/CVE-2023-49827.json +++ b/CVE-2023/CVE-2023-498xx/CVE-2023-49827.json @@ -2,16 +2,40 @@ "id": "CVE-2023-49827", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-14T15:15:09.520", - "lastModified": "2023-12-14T15:20:34.133", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:06:10.023", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PenciDesign Soledad \u2013 Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme allows Reflected XSS.This issue affects Soledad \u2013 Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1.\n\n" + }, + { + "lang": "es", + "value": "Neutralizaci\u00f3n inadecuada de la entrada durante la vulnerabilidad de generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en PenciDesign Soledad \u2013 Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme permite XSS reflejado. Este problema afecta a Soledad \u2013 Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: desde n/a hasta 8.4.1." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pencidesign:soledad:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "8.4.2", + "matchCriteriaId": "B180026A-9BBA-413D-943C-C3F5F932299A" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/soledad/wordpress-soledad-theme-8-4-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-498xx/CVE-2023-49828.json b/CVE-2023/CVE-2023-498xx/CVE-2023-49828.json index ad4a6fa6865..1e910bab127 100644 --- a/CVE-2023/CVE-2023-498xx/CVE-2023-49828.json +++ b/CVE-2023/CVE-2023-498xx/CVE-2023-49828.json @@ -2,16 +2,40 @@ "id": "CVE-2023-49828", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-14T15:15:09.740", - "lastModified": "2023-12-14T15:20:34.133", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:16:03.957", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic WooPayments \u2013 Fully Integrated Solution Built and Supported by Woo allows Stored XSS.This issue affects WooPayments \u2013 Fully Integrated Solution Built and Supported by Woo: from n/a through 6.4.2.\n\n" + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Automattic WooPayments \u2013 Fully Integrated Solution Built and Supported by Woo permite almacenar XSS. Este problema afecta a WooPayments \u2013 Fully Integrated Solution Built and Supported by Woo: de n/ a hasta 6.4.2.v" } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +80,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:automattic:woopayments:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "6.5.0", + "matchCriteriaId": "50C587F9-9382-421E-9098-7F63D766C9AC" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/woocommerce-payments/wordpress-woopayments-plugin-6-4-2-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-498xx/CVE-2023-49833.json b/CVE-2023/CVE-2023-498xx/CVE-2023-49833.json index 3cce5797b00..85d7b93f30c 100644 --- a/CVE-2023/CVE-2023-498xx/CVE-2023-49833.json +++ b/CVE-2023/CVE-2023-498xx/CVE-2023-49833.json @@ -2,16 +2,40 @@ "id": "CVE-2023-49833", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-14T15:15:09.967", - "lastModified": "2023-12-14T15:20:34.133", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:14:15.050", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Spectra \u2013 WordPress Gutenberg Blocks allows Stored XSS.This issue affects Spectra \u2013 WordPress Gutenberg Blocks: from n/a through 2.7.9.\n\n" + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Brainstorm Force Spectra \u2013 WordPress Gutenberg Blocks permite almacenar XSS. Este problema afecta a Spectra \u2013 WordPress Gutenberg Blocks: desde n/a hasta 2.7.9." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:brainstormforce:spectra:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "2.7.10", + "matchCriteriaId": "F4FAD6A1-6D50-4C00-9611-4A61944BF345" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/ultimate-addons-for-gutenberg/wordpress-spectra-plugin-2-7-9-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-498xx/CVE-2023-49841.json b/CVE-2023/CVE-2023-498xx/CVE-2023-49841.json index b78c158ea42..8aab2f68f63 100644 --- a/CVE-2023/CVE-2023-498xx/CVE-2023-49841.json +++ b/CVE-2023/CVE-2023-498xx/CVE-2023-49841.json @@ -2,16 +2,40 @@ "id": "CVE-2023-49841", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-14T16:15:52.540", - "lastModified": "2023-12-14T17:17:54.510", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:03:16.533", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FancyThemes Optin Forms \u2013 Simple List Building Plugin for WordPress allows Stored XSS.This issue affects Optin Forms \u2013 Simple List Building Plugin for WordPress: from n/a through 1.3.3.\n\n" + }, + { + "lang": "es", + "value": "Neutralizaci\u00f3n inadecuada de la entrada durante la vulnerabilidad de generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en FancyThemes Optin Forms \u2013 Simple List Building Plugin for WordPress permite almacenar XSS. Este problema afecta a Optin Forms \u2013 Simple List Building Plugin for WordPress: desde n/a hasta 1.3.3." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fancythemes:optin_forms:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.3.3", + "matchCriteriaId": "F5751A57-DB3A-4383-81E5-6FE187D7F239" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/optin-forms/wordpress-optin-forms-plugin-1-3-3-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-500xx/CVE-2023-50073.json b/CVE-2023/CVE-2023-500xx/CVE-2023-50073.json index 93612e2349a..4ac8f6f9825 100644 --- a/CVE-2023/CVE-2023-500xx/CVE-2023-50073.json +++ b/CVE-2023/CVE-2023-500xx/CVE-2023-50073.json @@ -2,19 +2,78 @@ "id": "CVE-2023-50073", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-14T15:15:10.260", - "lastModified": "2023-12-14T15:20:34.133", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:50:16.530", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "EmpireCMS v7.5 was discovered to contain a SQL injection vulnerability via the ftppassword parameter at SetEnews.php." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que EmpireCMS v7.5 conten\u00eda una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro ftppassword en SetEnews.php." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:leadscloud:empirecms:7.5:*:*:*:*:*:*:*", + "matchCriteriaId": "A3A906A8-1B33-4B3F-887A-AE83BB918F9D" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/leadscloud/EmpireCMS/issues/7", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-502xx/CVE-2023-50248.json b/CVE-2023/CVE-2023-502xx/CVE-2023-50248.json index 93a33477265..a34a662b441 100644 --- a/CVE-2023/CVE-2023-502xx/CVE-2023-50248.json +++ b/CVE-2023/CVE-2023-502xx/CVE-2023-50248.json @@ -2,16 +2,40 @@ "id": "CVE-2023-50248", "sourceIdentifier": "security-advisories@github.com", "published": "2023-12-13T21:15:08.660", - "lastModified": "2023-12-13T21:25:53.887", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:56:50.123", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "CKAN is an open-source data management system for powering data hubs and data portals. Starting in version 2.0.0 and prior to versions 2.9.10 and 2.10.3, when submitting a POST request to the `/dataset/new` endpoint (including either the auth cookie or the `Authorization` header) with a specially-crafted field, an attacker can create an out-of-memory error in the hosting server. To trigger this error, the attacker need to have permissions to create or edit datasets. This vulnerability has been patched in CKAN 2.10.3 and 2.9.10." + }, + { + "lang": "es", + "value": "CKAN es un sistema de gesti\u00f3n de datos de c\u00f3digo abierto para impulsar centros y portales de datos. A partir de la versi\u00f3n 2.0.0 y anteriores a las versiones 2.9.10 y 2.10.3, al enviar una solicitud POST al endpoint `/dataset/new` (incluida la cookie de autenticaci\u00f3n o el encabezado `Authorization`) con un archivo especialmente manipulado campo, un atacante puede crear un error de falta de memoria en el servidor de alojamiento. Para desencadenar este error, el atacante debe tener permisos para crear o editar conjuntos de datos. Esta vulnerabilidad ha sido parcheada en CKAN 2.10.3 y 2.9.10." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,14 +70,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:okfn:ckan:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.0", + "versionEndExcluding": "2.9.10", + "matchCriteriaId": "3C332324-34D4-4EA8-B552-8EA55EFAA33B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:okfn:ckan:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.10.0", + "versionEndExcluding": "2.10.3", + "matchCriteriaId": "B48DC86C-262E-41F5-8BD9-44F664CE36D8" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/ckan/ckan/commit/bd02018b65c5b81d7ede195d00d0fcbac3aa33be", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/ckan/ckan/security/advisories/GHSA-7fgc-89cx-w8j5", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-503xx/CVE-2023-50370.json b/CVE-2023/CVE-2023-503xx/CVE-2023-50370.json index 9aadcad2d73..09e8ba78da7 100644 --- a/CVE-2023/CVE-2023-503xx/CVE-2023-50370.json +++ b/CVE-2023/CVE-2023-503xx/CVE-2023-50370.json @@ -2,16 +2,40 @@ "id": "CVE-2023-50370", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-14T14:15:45.027", - "lastModified": "2023-12-14T14:49:08.357", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:02:02.957", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Livemesh WPBakery Page Builder Addons by Livemesh allows Stored XSS.This issue affects WPBakery Page Builder Addons by Livemesh: from n/a through 3.5.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Livemesh WPBakery Page Builder Addons by Livemesh permite almacenar XSS. Este problema afecta a los complementos de WPBakery Page Builder by Livemesh: desde n/a hasta 3.5." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:livemeshthemes:wpbakery_page_builder_addons:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.6", + "matchCriteriaId": "FA9D33C1-1DD1-42B8-AF73-BF81CAB682FA" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/addons-for-visual-composer/wordpress-livemesh-addons-for-wpbakery-page-builder-plugin-3-5-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-503xx/CVE-2023-50371.json b/CVE-2023/CVE-2023-503xx/CVE-2023-50371.json index bec9df87cc0..b5c0b21f4d1 100644 --- a/CVE-2023/CVE-2023-503xx/CVE-2023-50371.json +++ b/CVE-2023/CVE-2023-503xx/CVE-2023-50371.json @@ -2,16 +2,40 @@ "id": "CVE-2023-50371", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-14T13:15:54.790", - "lastModified": "2023-12-14T14:15:45.243", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:14:34.887", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Page Visit Counter Advanced Page Visit Counter \u2013 Most Wanted Analytics Plugin for WordPress allows Stored XSS.This issue affects Advanced Page Visit Counter \u2013 Most Wanted Analytics Plugin for WordPress: from n/a through 8.0.6.\n\n" + }, + { + "lang": "es", + "value": "Neutralizaci\u00f3n inadecuada de la entrada durante la vulnerabilidad de generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Page Visit Counter Advanced Page Visit Counter \u2013 Most Wanted Analytics Plugin for WordPress permite almacenar XSS. Este problema afecta a Advanced Page Visit Counter \u2013 Most Wanted Analytics Plugin for WordPress: desde n/a hasta 8.0.6." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pagevisitcounter:advanced_page_visit_counter:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "8.0.6", + "matchCriteriaId": "67B90117-F137-41D3-8343-2DB5417C3C38" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/advanced-page-visit-counter/wordpress-advanced-page-visit-counter-plugin-8-0-6-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-505xx/CVE-2023-50563.json b/CVE-2023/CVE-2023-505xx/CVE-2023-50563.json index 22c380b1465..4111ae49026 100644 --- a/CVE-2023/CVE-2023-505xx/CVE-2023-50563.json +++ b/CVE-2023/CVE-2023-505xx/CVE-2023-50563.json @@ -2,19 +2,78 @@ "id": "CVE-2023-50563", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-14T15:15:10.310", - "lastModified": "2023-12-14T15:20:34.133", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:50:04.110", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Semcms v4.8 was discovered to contain a SQL injection vulnerability via the AID parameter at SEMCMS_Function.php." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Semcms v4.8 conten\u00eda una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro AID en SEMCMS_Function.php." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sem-cms:semcms:4.8:*:*:*:*:*:*:*", + "matchCriteriaId": "BD382DC4-F472-49F5-AA7E-939EC76D4E8F" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/SecBridge/Cms_Vuls_test/blob/main/Semcms/Semcms_Sql_Inject.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-505xx/CVE-2023-50564.json b/CVE-2023/CVE-2023-505xx/CVE-2023-50564.json index 3e644627455..436bc33b683 100644 --- a/CVE-2023/CVE-2023-505xx/CVE-2023-50564.json +++ b/CVE-2023/CVE-2023-505xx/CVE-2023-50564.json @@ -2,19 +2,78 @@ "id": "CVE-2023-50564", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-14T15:15:10.360", - "lastModified": "2023-12-14T15:20:34.133", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:49:40.313", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An arbitrary file upload vulnerability in the component /inc/modules_install.php of Pluck-CMS v4.7.18 allows attackers to execute arbitrary code via uploading a crafted ZIP file." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de carga de archivos arbitrarios en el componente /inc/modules_install.php de Pluck-CMS v4.7.18 permite a los atacantes ejecutar c\u00f3digo arbitrario cargando un archivo ZIP manipulado." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pluck-cms:pluck:4.7.18:-:*:*:*:*:*:*", + "matchCriteriaId": "D1FA72CC-1126-4DC4-8431-997BC8160715" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/SecBridge/Cms_Vuls_test/blob/main/Pluckcms/Pluck_v4.7.18_Any_File_Upload_Getshell.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-505xx/CVE-2023-50565.json b/CVE-2023/CVE-2023-505xx/CVE-2023-50565.json index d23505fecf9..8c5c1f20939 100644 --- a/CVE-2023/CVE-2023-505xx/CVE-2023-50565.json +++ b/CVE-2023/CVE-2023-505xx/CVE-2023-50565.json @@ -2,19 +2,78 @@ "id": "CVE-2023-50565", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-14T15:15:10.410", - "lastModified": "2023-12-14T15:20:34.133", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:48:40.000", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A cross-site scripting (XSS) vulnerability in the component /logs/dopost.html in RPCMS v3.5.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Scripting (XSS) en el componente /logs/dopost.html en RPCMS v3.5.5 permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:rpcms:rpcms:3.5.5:*:*:*:*:*:*:*", + "matchCriteriaId": "60ED4BE1-FE0A-4C99-B93B-5F498B69F789" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/ralap-z/rpcms/issues/7", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-507xx/CVE-2023-50775.json b/CVE-2023/CVE-2023-507xx/CVE-2023-50775.json index c321c911a13..df711388a1e 100644 --- a/CVE-2023/CVE-2023-507xx/CVE-2023-50775.json +++ b/CVE-2023/CVE-2023-507xx/CVE-2023-50775.json @@ -2,23 +2,86 @@ "id": "CVE-2023-50775", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2023-12-13T18:15:44.280", - "lastModified": "2023-12-13T19:01:57.730", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:11:59.050", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A cross-site request forgery (CSRF) vulnerability in Jenkins Deployment Dashboard Plugin 1.0.10 and earlier allows attackers to copy jobs." + }, + { + "lang": "es", + "value": "Vulnerabilidad de cross-site request forgery (CSRF) en Jenkins Deployment Dashboard Plugin 1.0.10 y versiones anteriores permite a los atacantes copiar trabajos." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jenkins:deployment_dashboard:*:*:*:*:*:jenkins:*:*", + "versionEndIncluding": "1.0.10", + "matchCriteriaId": "406492BF-B4BF-439C-A70A-683CF495A7C8" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/12/13/4", - "source": "jenkinsci-cert@googlegroups.com" + "source": "jenkinsci-cert@googlegroups.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://www.jenkins.io/security/advisory/2023-12-13/#SECURITY-3092", - "source": "jenkinsci-cert@googlegroups.com" + "source": "jenkinsci-cert@googlegroups.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-507xx/CVE-2023-50776.json b/CVE-2023/CVE-2023-507xx/CVE-2023-50776.json index cb3bb944bcd..03b4b5d5c32 100644 --- a/CVE-2023/CVE-2023-507xx/CVE-2023-50776.json +++ b/CVE-2023/CVE-2023-507xx/CVE-2023-50776.json @@ -2,23 +2,86 @@ "id": "CVE-2023-50776", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2023-12-13T18:15:44.330", - "lastModified": "2023-12-13T19:01:57.730", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:11:13.227", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier stores PaaSLane authentication tokens unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system." + }, + { + "lang": "es", + "value": "Jenkins PaaSLane Estimate Plugin 1.0.4 y versiones anteriores almacenan tokens de autenticaci\u00f3n de PaaSLane sin cifrar en archivos job config.xml en el controlador Jenkins, donde pueden ser vistos por usuarios con permiso de elemento/lectura extendida o acceso al sistema de archivos del controlador Jenkins." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-312" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jenkins:paaslane_estimate:*:*:*:*:*:jenkins:*:*", + "versionEndIncluding": "1.0.4", + "matchCriteriaId": "C2B18C0B-D630-4999-95DB-96224E105433" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/12/13/4", - "source": "jenkinsci-cert@googlegroups.com" + "source": "jenkinsci-cert@googlegroups.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://www.jenkins.io/security/advisory/2023-12-13/#SECURITY-3182", - "source": "jenkinsci-cert@googlegroups.com" + "source": "jenkinsci-cert@googlegroups.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-507xx/CVE-2023-50777.json b/CVE-2023/CVE-2023-507xx/CVE-2023-50777.json index 93ff2ff57d5..25166a74d0c 100644 --- a/CVE-2023/CVE-2023-507xx/CVE-2023-50777.json +++ b/CVE-2023/CVE-2023-507xx/CVE-2023-50777.json @@ -2,23 +2,86 @@ "id": "CVE-2023-50777", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2023-12-13T18:15:44.377", - "lastModified": "2023-12-13T19:01:57.730", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:10:49.673", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier does not mask PaaSLane authentication tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them." + }, + { + "lang": "es", + "value": "Jenkins PaaSLane Estimate Plugin 1.0.4 y versiones anteriores no enmascaran los tokens de autenticaci\u00f3n de PaaSLane que se muestran en el formulario de configuraci\u00f3n del trabajo, lo que aumenta la posibilidad de que los atacantes los observen y capturen." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-312" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jenkins:paaslane_estimate:*:*:*:*:*:jenkins:*:*", + "versionEndIncluding": "1.0.4", + "matchCriteriaId": "C2B18C0B-D630-4999-95DB-96224E105433" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/12/13/4", - "source": "jenkinsci-cert@googlegroups.com" + "source": "jenkinsci-cert@googlegroups.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://www.jenkins.io/security/advisory/2023-12-13/#SECURITY-3182", - "source": "jenkinsci-cert@googlegroups.com" + "source": "jenkinsci-cert@googlegroups.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-507xx/CVE-2023-50778.json b/CVE-2023/CVE-2023-507xx/CVE-2023-50778.json index 9aef0e3d4da..708cd0dd56e 100644 --- a/CVE-2023/CVE-2023-507xx/CVE-2023-50778.json +++ b/CVE-2023/CVE-2023-507xx/CVE-2023-50778.json @@ -2,23 +2,86 @@ "id": "CVE-2023-50778", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2023-12-13T18:15:44.420", - "lastModified": "2023-12-13T19:01:57.730", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:10:26.547", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A cross-site request forgery (CSRF) vulnerability in Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier allows attackers to connect to an attacker-specified URL using an attacker-specified token." + }, + { + "lang": "es", + "value": "Vulnerabilidad de cross-site request forgery (CSRF) en Jenkins PaaSLane Estimate Plugin 1.0.4 y versiones anteriores permite a los atacantes conectarse a una URL especificada por el atacante utilizando un token especificado por el atacante." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jenkins:paaslane_estimate:*:*:*:*:*:jenkins:*:*", + "versionEndIncluding": "1.0.4", + "matchCriteriaId": "C2B18C0B-D630-4999-95DB-96224E105433" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/12/13/4", - "source": "jenkinsci-cert@googlegroups.com" + "source": "jenkinsci-cert@googlegroups.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://www.jenkins.io/security/advisory/2023-12-13/#SECURITY-3179", - "source": "jenkinsci-cert@googlegroups.com" + "source": "jenkinsci-cert@googlegroups.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-507xx/CVE-2023-50779.json b/CVE-2023/CVE-2023-507xx/CVE-2023-50779.json index 5fdb6dca404..0c9ef1772ae 100644 --- a/CVE-2023/CVE-2023-507xx/CVE-2023-50779.json +++ b/CVE-2023/CVE-2023-507xx/CVE-2023-50779.json @@ -2,23 +2,86 @@ "id": "CVE-2023-50779", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2023-12-13T18:15:44.467", - "lastModified": "2023-12-13T19:01:57.730", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:09:28.547", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Missing permission checks in Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified URL using an attacker-specified token." + }, + { + "lang": "es", + "value": "Las comprobaciones de permisos faltantes en Jenkins PaaSLane Estimate Plugin 1.0.4 y versiones anteriores permiten a los atacantes con permiso general/lectura conectarse a una URL especificada por el atacante utilizando un token especificado por el atacante." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jenkins:paaslane_estimate:*:*:*:*:*:jenkins:*:*", + "versionEndIncluding": "1.0.4", + "matchCriteriaId": "C2B18C0B-D630-4999-95DB-96224E105433" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/12/13/4", - "source": "jenkinsci-cert@googlegroups.com" + "source": "jenkinsci-cert@googlegroups.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://www.jenkins.io/security/advisory/2023-12-13/#SECURITY-3179", - "source": "jenkinsci-cert@googlegroups.com" + "source": "jenkinsci-cert@googlegroups.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-50xx/CVE-2023-5005.json b/CVE-2023/CVE-2023-50xx/CVE-2023-5005.json new file mode 100644 index 00000000000..299b6a9f175 --- /dev/null +++ b/CVE-2023/CVE-2023-50xx/CVE-2023-5005.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-5005", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-18T20:15:08.500", + "lastModified": "2023-12-18T20:21:38.537", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The Autocomplete Location field Contact Form 7 WordPress plugin before 3.0, autocomplete-location-field-contact-form-7-pro WordPress plugin before 2.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/bfb174d4-7658-4883-a682-d06bda89ec44", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-513xx/CVE-2023-51384.json b/CVE-2023/CVE-2023-513xx/CVE-2023-51384.json new file mode 100644 index 00000000000..0628f14fad0 --- /dev/null +++ b/CVE-2023/CVE-2023-513xx/CVE-2023-51384.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-51384", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-12-18T19:15:08.720", + "lastModified": "2023-12-18T20:21:38.537", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.openssh.com/txt/release-9.6", + "source": "cve@mitre.org" + }, + { + "url": "https://www.openwall.com/lists/oss-security/2023/12/18/2", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-513xx/CVE-2023-51385.json b/CVE-2023/CVE-2023-513xx/CVE-2023-51385.json new file mode 100644 index 00000000000..8fa5863867d --- /dev/null +++ b/CVE-2023/CVE-2023-513xx/CVE-2023-51385.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-51385", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-12-18T19:15:08.773", + "lastModified": "2023-12-18T20:21:38.537", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.openssh.com/txt/release-9.6", + "source": "cve@mitre.org" + }, + { + "url": "https://www.openwall.com/lists/oss-security/2023/12/18/2", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-53xx/CVE-2023-5348.json b/CVE-2023/CVE-2023-53xx/CVE-2023-5348.json new file mode 100644 index 00000000000..8ed85c886a2 --- /dev/null +++ b/CVE-2023/CVE-2023-53xx/CVE-2023-5348.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-5348", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-18T20:15:08.553", + "lastModified": "2023-12-18T20:21:38.537", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The Product Catalog Mode For WooCommerce WordPress plugin before 5.0.3 does not properly authorize settings updates or escape settings values, leading to stored XSS by unauthenticated users." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/b37b09c1-1b53-471c-9b10-7d2d05ae11f1", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-55xx/CVE-2023-5536.json b/CVE-2023/CVE-2023-55xx/CVE-2023-5536.json index 651ee1fa7f5..95d3fc05f7f 100644 --- a/CVE-2023/CVE-2023-55xx/CVE-2023-5536.json +++ b/CVE-2023/CVE-2023-55xx/CVE-2023-5536.json @@ -2,8 +2,8 @@ "id": "CVE-2023-5536", "sourceIdentifier": "security@ubuntu.com", "published": "2023-12-12T02:15:09.003", - "lastModified": "2023-12-12T13:43:48.853", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:01:53.153", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.5, + "impactScore": 5.9 + }, { "source": "security@ubuntu.com", "type": "Secondary", @@ -38,22 +58,65 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*", + "versionEndExcluding": "24.04", + "matchCriteriaId": "B9B542C8-8ABA-4985-A157-8E24F43CE6DB" + } + ] + } + ] + } + ], "references": [ { "url": "https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1829071", - "source": "security@ubuntu.com" + "source": "security@ubuntu.com", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5536", - "source": "security@ubuntu.com" + "source": "security@ubuntu.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://discourse.ubuntu.com/t/easy-multi-user-lxd-setup/26215/4", - "source": "security@ubuntu.com" + "source": "security@ubuntu.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://ubuntu.com/security/CVE-2023-5536", - "source": "security@ubuntu.com" + "source": "security@ubuntu.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-57xx/CVE-2023-5769.json b/CVE-2023/CVE-2023-57xx/CVE-2023-5769.json index 1e81be22dda..d57d1032f4d 100644 --- a/CVE-2023/CVE-2023-57xx/CVE-2023-5769.json +++ b/CVE-2023/CVE-2023-57xx/CVE-2023-5769.json @@ -2,16 +2,40 @@ "id": "CVE-2023-5769", "sourceIdentifier": "cybersecurity@hitachienergy.com", "published": "2023-12-14T17:15:09.920", - "lastModified": "2023-12-14T17:17:50.580", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:03:54.960", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "\nA vulnerability exists in the webserver that affects the \nRTU500 series product versions listed below. A malicious \nactor could perform cross-site scripting on the webserver \ndue to user input being improperly sanitized.\n\n\n" + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad en el servidor web que afecta a las versiones de productos de RTU500 series que se enumeran a continuaci\u00f3n. Un actor malintencionado podr\u00eda realizar Cross-Site Scripting en el servidor web debido a que la entrada del usuario se sanitizo incorrectamente." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "cybersecurity@hitachienergy.com", "type": "Secondary", @@ -34,10 +58,311 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu520_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.0.1", + "versionEndIncluding": "12.0.14", + "matchCriteriaId": "2E81BEA6-121C-48D7-BAA9-91D652E6BC1A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu520_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.2.1", + "versionEndIncluding": "12.2.11", + "matchCriteriaId": "2469A78A-6F37-4F4B-BED8-060914B2D0A4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu520_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.4.1", + "versionEndIncluding": "12.4.11", + "matchCriteriaId": "E9E6934B-EBB2-45FB-8E4A-7D360CBA0F92" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu520_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.6.1", + "versionEndIncluding": "12.6.9", + "matchCriteriaId": "40D7C64F-54CC-4183-8420-011E2787541F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu520_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.7.1", + "versionEndIncluding": "12.7.6", + "matchCriteriaId": "BDD81EF6-9D45-4A2D-BFAA-D10005AEA046" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu520_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.2.1", + "versionEndIncluding": "13.2.6", + "matchCriteriaId": "8D5EFAE2-81D8-4E67-8515-137EAE453D6D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu520_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.4.1", + "versionEndIncluding": "13.4.3", + "matchCriteriaId": "DC740F55-F482-4BC2-9D39-D27F40EBB7C9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hitachienergy:rtu520:-:*:*:*:*:*:*:*", + "matchCriteriaId": "11AF93AD-200F-47A6-BA2C-F82165AFB50D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu530_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.0.1", + "versionEndIncluding": "12.0.14", + "matchCriteriaId": "D9F00BAD-06B1-49BE-BD41-61DE749E1506" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu530_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.2.1", + "versionEndIncluding": "12.2.11", + "matchCriteriaId": "79BC5D4A-09B2-41FB-962A-CF580181EB2C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu530_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.4.1", + "versionEndIncluding": "12.4.11", + "matchCriteriaId": "A30CDB2F-E0CC-4440-9E59-AB339F94996F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu530_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.6.1", + "versionEndIncluding": "12.6.9", + "matchCriteriaId": "D6BC4865-4064-421C-A746-8CB3D9DBAD7B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu530_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.7.1", + "versionEndIncluding": "12.7.6", + "matchCriteriaId": "5995FE68-15EA-4CB6-A43C-49582E4DF58C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu530_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.2.1", + "versionEndIncluding": "13.2.6", + "matchCriteriaId": "6E5803D1-164F-40E2-A348-21538EE1787F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu530_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.4.1", + "versionEndIncluding": "13.4.3", + "matchCriteriaId": "74AE224C-8D72-4C5A-ABB7-CE447E26992C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hitachienergy:rtu530:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FC6F9377-E6BB-4DEA-9D87-0AF792CBAC57" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu540_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.0.1", + "versionEndIncluding": "12.0.14", + "matchCriteriaId": "BBD5E8FC-3FB5-4300-BBF4-DDAF573F20F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu540_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.2.1", + "versionEndIncluding": "12.2.11", + "matchCriteriaId": "803838B5-058E-436B-8CE5-BF711456F96B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu540_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.4.1", + "versionEndIncluding": "12.4.11", + "matchCriteriaId": "A0361A98-1496-4763-A489-DCAE0D0DF613" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu540_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.6.1", + "versionEndIncluding": "12.6.9", + "matchCriteriaId": "7DECEA34-8A96-4943-B351-5080C4D34996" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu540_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.7.1", + "versionEndIncluding": "12.7.6", + "matchCriteriaId": "AF24A6B2-D9CF-44DE-A470-A09753D3A1B8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu540_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.2.1", + "versionEndIncluding": "13.2.6", + "matchCriteriaId": "2B890C79-2919-48F4-9431-3B92C48089C0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu540_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.4.1", + "versionEndIncluding": "13.4.3", + "matchCriteriaId": "90834F09-E09B-46BE-94BC-5812E63DE98D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hitachienergy:rtu540:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6EEFDEF0-883D-402B-9CD4-333A145E3C75" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu560_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.0.1", + "versionEndIncluding": "12.0.14", + "matchCriteriaId": "8AC22007-6E39-4C5A-A392-139B43F819C0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu560_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.2.1", + "versionEndIncluding": "12.2.11", + "matchCriteriaId": "6BDB5A36-9B2F-43F9-A81B-506C4660151F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu560_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.4.1", + "versionEndIncluding": "12.4.11", + "matchCriteriaId": "F25FBFD5-BC45-49C9-87D4-A9C05405490D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu560_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.6.1", + "versionEndIncluding": "12.6.9", + "matchCriteriaId": "63096BB3-C0F9-4089-B11C-DE958B150DA8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu560_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.7.1", + "versionEndIncluding": "12.7.6", + "matchCriteriaId": "CC2029C0-3710-4CBB-8CBE-9EBA5793506A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu560_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.2.1", + "versionEndIncluding": "13.2.6", + "matchCriteriaId": "CDFF9898-F8FF-4361-A22C-DD5E47054FED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu560_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.4.1", + "versionEndIncluding": "13.4.3", + "matchCriteriaId": "18211DB4-DA86-4489-AFE1-48514160C1D4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hitachienergy:rtu560:-:*:*:*:*:*:*:*", + "matchCriteriaId": "495DCBD6-D2D1-4295-81D1-6ACA1B2CA223" + } + ] + } + ] + } + ], "references": [ { "url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000176&languageCode=en&Preview=true", - "source": "cybersecurity@hitachienergy.com" + "source": "cybersecurity@hitachienergy.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-58xx/CVE-2023-5882.json b/CVE-2023/CVE-2023-58xx/CVE-2023-5882.json new file mode 100644 index 00000000000..83e86f4ee4b --- /dev/null +++ b/CVE-2023/CVE-2023-58xx/CVE-2023-5882.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-5882", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-18T20:15:08.603", + "lastModified": "2023-12-18T20:21:38.537", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The Export any WordPress data to XML/CSV WordPress plugin before 1.4.0, WP All Export Pro WordPress plugin before 1.8.6 does not check nonce tokens early enough in the request lifecycle, allowing attackers to make logged in users perform unwanted actions leading to remote code execution." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/72be4b5c-21be-46af-a3f4-08b4c190a7e2", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-58xx/CVE-2023-5886.json b/CVE-2023/CVE-2023-58xx/CVE-2023-5886.json new file mode 100644 index 00000000000..2fe2b411ff9 --- /dev/null +++ b/CVE-2023/CVE-2023-58xx/CVE-2023-5886.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-5886", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-18T20:15:08.653", + "lastModified": "2023-12-18T20:21:38.537", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The Export any WordPress data to XML/CSV WordPress plugin before 1.4.0, WP All Export Pro WordPress plugin before 1.8.6 does not check nonce tokens early enough in the request lifecycle, allowing attackers with the ability to upload files to make logged in users perform unwanted actions leading to PHAR deserialization, which may lead to remote code execution." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/0a08e49d-d34e-4140-a15d-ad64444665a3", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-59xx/CVE-2023-5949.json b/CVE-2023/CVE-2023-59xx/CVE-2023-5949.json new file mode 100644 index 00000000000..d3328e23542 --- /dev/null +++ b/CVE-2023/CVE-2023-59xx/CVE-2023-5949.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-5949", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-18T20:15:08.703", + "lastModified": "2023-12-18T20:21:38.537", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The SmartCrawl WordPress plugin before 3.8.3 does not prevent unauthorised users from accessing password-protected posts' content." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/3cec27ca-f470-402d-ae3e-271cb59cf407", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-60xx/CVE-2023-6065.json b/CVE-2023/CVE-2023-60xx/CVE-2023-6065.json new file mode 100644 index 00000000000..f2a4ea21e9c --- /dev/null +++ b/CVE-2023/CVE-2023-60xx/CVE-2023-6065.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-6065", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-18T20:15:08.750", + "lastModified": "2023-12-18T20:21:38.537", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The Quttera Web Malware Scanner WordPress plugin before 3.4.2.1 doesn't restrict access to detailed scan logs, which allows a malicious actor to discover local paths and portions of the site's code" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://drive.google.com/file/d/1w83xWsVLS_gCpQy4LDwbjNK9JaB87EEf/view?usp=sharing", + "source": "contact@wpscan.com" + }, + { + "url": "https://wpscan.com/vulnerability/64f2557f-c5e4-4779-9e28-911dfaf2dda5", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-60xx/CVE-2023-6077.json b/CVE-2023/CVE-2023-60xx/CVE-2023-6077.json new file mode 100644 index 00000000000..2daa824177a --- /dev/null +++ b/CVE-2023/CVE-2023-60xx/CVE-2023-6077.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-6077", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-18T20:15:08.797", + "lastModified": "2023-12-18T20:21:38.537", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The Slider WordPress plugin before 3.5.12 does not ensure that posts to be accessed via an AJAX action are slides and can be viewed by the user making the request, allowing any authenticated users, such as subscriber to access the content arbitrary post such as private, draft and password protected" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/1afc0e4a-f712-47d4-bf29-7719ccbbbb1b", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-62xx/CVE-2023-6203.json b/CVE-2023/CVE-2023-62xx/CVE-2023-6203.json new file mode 100644 index 00000000000..9513a4010a4 --- /dev/null +++ b/CVE-2023/CVE-2023-62xx/CVE-2023-6203.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-6203", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-18T20:15:08.847", + "lastModified": "2023-12-18T20:21:38.537", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The Events Calendar WordPress plugin before 6.2.8.1 discloses the content of password protected posts to unauthenticated users via a crafted request" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/229273e6-e849-447f-a95a-0730969ecdae", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-62xx/CVE-2023-6222.json b/CVE-2023/CVE-2023-62xx/CVE-2023-6222.json new file mode 100644 index 00000000000..3241126e5d2 --- /dev/null +++ b/CVE-2023/CVE-2023-62xx/CVE-2023-6222.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-6222", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-18T20:15:08.893", + "lastModified": "2023-12-18T20:21:38.537", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "IThe Quttera Web Malware Scanner WordPress plugin before 3.4.2.1 does not validate user input used in a path, which could allow users with an admin role to perform path traversal attacks" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://drive.google.com/file/d/1krgHH2NvVFr93VpErLkOjDV3L6M5yIA1/view?usp=sharing", + "source": "contact@wpscan.com" + }, + { + "url": "https://wpscan.com/vulnerability/df892e99-c0f6-42b8-a834-fc55d1bde130", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-62xx/CVE-2023-6272.json b/CVE-2023/CVE-2023-62xx/CVE-2023-6272.json new file mode 100644 index 00000000000..c3adf794693 --- /dev/null +++ b/CVE-2023/CVE-2023-62xx/CVE-2023-6272.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-6272", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-18T20:15:08.940", + "lastModified": "2023-12-18T20:21:38.537", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The Theme My Login 2FA WordPress plugin before 1.2 does not rate limit 2FA validation attempts, which may allow an attacker to brute-force all possibilities, which shouldn't be too long, as the 2FA codes are 6 digits." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/a03243ea-fee7-46e4-8037-a228afc5297a", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-62xx/CVE-2023-6289.json b/CVE-2023/CVE-2023-62xx/CVE-2023-6289.json new file mode 100644 index 00000000000..573ddf4df80 --- /dev/null +++ b/CVE-2023/CVE-2023-62xx/CVE-2023-6289.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-6289", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-18T20:15:08.983", + "lastModified": "2023-12-18T20:21:38.537", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The Swift Performance Lite WordPress plugin before 2.3.6.15 does not prevent users from exporting the plugin's settings, which may include sensitive information such as Cloudflare API tokens." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/8c83dd57-9291-4dfc-846d-5ad47534e2ad", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-62xx/CVE-2023-6295.json b/CVE-2023/CVE-2023-62xx/CVE-2023-6295.json new file mode 100644 index 00000000000..12c70d37615 --- /dev/null +++ b/CVE-2023/CVE-2023-62xx/CVE-2023-6295.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-6295", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-18T20:15:09.027", + "lastModified": "2023-12-18T20:21:38.537", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The SiteOrigin Widgets Bundle WordPress plugin before 1.51.0 does not validate user input before using it to generate paths passed to include function/s, allowing users with the administrator role to perform LFI attacks in the context of Multisite WordPress sites." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/adc9ed9f-55b4-43a9-a79d-c7120764f47c", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-63xx/CVE-2023-6381.json b/CVE-2023/CVE-2023-63xx/CVE-2023-6381.json index d155c690de2..d6abfa3b877 100644 --- a/CVE-2023/CVE-2023-63xx/CVE-2023-6381.json +++ b/CVE-2023/CVE-2023-63xx/CVE-2023-6381.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6381", "sourceIdentifier": "cve-coordination@incibe.es", "published": "2023-12-13T11:15:07.830", - "lastModified": "2023-12-13T13:35:16.620", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:58:19.327", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "cve-coordination@incibe.es", "type": "Secondary", @@ -40,8 +60,18 @@ }, "weaknesses": [ { - "source": "cve-coordination@incibe.es", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", "description": [ { "lang": "en", @@ -50,10 +80,30 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:supermailer:supermailer:11.20.0.2204:*:*:*:*:*:*:*", + "matchCriteriaId": "565674D3-43AB-45A0-BB60-375A6C7D7C04" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/improper-input-validation-newsletter-software-supermailer", - "source": "cve-coordination@incibe.es" + "source": "cve-coordination@incibe.es", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-64xx/CVE-2023-6407.json b/CVE-2023/CVE-2023-64xx/CVE-2023-6407.json index c7c61306f6d..0d7534c7ae0 100644 --- a/CVE-2023/CVE-2023-64xx/CVE-2023-6407.json +++ b/CVE-2023/CVE-2023-64xx/CVE-2023-6407.json @@ -2,16 +2,40 @@ "id": "CVE-2023-6407", "sourceIdentifier": "cybersecurity@se.com", "published": "2023-12-14T05:15:14.407", - "lastModified": "2023-12-14T13:52:06.780", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:34:53.843", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "\nA CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')\nvulnerability exists that could cause arbitrary file deletion upon service restart when accessed by\na local and low-privileged attacker.\n\n" + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad CWE-22: limitaci\u00f3n inadecuada de un nombre de ruta a un directorio restringido (\"Path Traversal\") que podr\u00eda causar la eliminaci\u00f3n arbitraria de archivos al reiniciar el servicio cuando un atacante local y con pocos privilegios accede a \u00e9l." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + }, { "source": "cybersecurity@se.com", "type": "Secondary", @@ -46,10 +70,73 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:schneider-electric:easy_ups_online_monitoring_software:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.6-ga-01-23248", + "matchCriteriaId": "717BACD7-C79C-4CC1-B003-6377C26386D7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*", + "matchCriteriaId": "A045AC0A-471E-444C-B3B0-4CABC23E8CFB" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*", + "matchCriteriaId": "28A7FEE9-B473-48A0-B0ED-A5CC1E44194C" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:arm64:*", + "matchCriteriaId": "F2D718BD-C4B7-48DB-BE78-B9CA22F27DD0" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:x64:*", + "matchCriteriaId": "0C3552E0-F793-4CDD-965D-457495475805" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-346-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-346-03.pdf", - "source": "cybersecurity@se.com" + "source": "cybersecurity@se.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-65xx/CVE-2023-6542.json b/CVE-2023/CVE-2023-65xx/CVE-2023-6542.json index 633902b3736..422cab1c147 100644 --- a/CVE-2023/CVE-2023-65xx/CVE-2023-6542.json +++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6542.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6542", "sourceIdentifier": "cna@sap.com", "published": "2023-12-12T02:15:09.347", - "lastModified": "2023-12-12T13:43:48.853", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:00:10.587", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + }, { "source": "cna@sap.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + }, { "source": "cna@sap.com", "type": "Secondary", @@ -50,14 +80,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sap:emarsys_sdk:3.6.2:*:*:*:*:android:*:*", + "matchCriteriaId": "E6793E94-E8D2-4463-8D64-966BC6D8DC55" + } + ] + } + ] + } + ], "references": [ { "url": "https://me.sap.com/notes/3406244", - "source": "cna@sap.com" + "source": "cna@sap.com", + "tags": [ + "Permissions Required", + "Vendor Advisory" + ] }, { "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", - "source": "cna@sap.com" + "source": "cna@sap.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-65xx/CVE-2023-6569.json b/CVE-2023/CVE-2023-65xx/CVE-2023-6569.json index c2d134d9553..121e49953d8 100644 --- a/CVE-2023/CVE-2023-65xx/CVE-2023-6569.json +++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6569.json @@ -2,15 +2,41 @@ "id": "CVE-2023-6569", "sourceIdentifier": "security@huntr.dev", "published": "2023-12-14T13:15:55.020", - "lastModified": "2023-12-14T13:51:59.903", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:14:18.327", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "External Control of File Name or Path in h2oai/h2o-3" + }, + { + "lang": "es", + "value": "Control externo del nombre o ruta del archivo en h2oai/h2o-3" } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH", + "baseScore": 8.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.2 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -36,8 +62,18 @@ }, "weaknesses": [ { - "source": "security@huntr.dev", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-610" + } + ] + }, + { + "source": "security@huntr.dev", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +82,30 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:h2o:h2o:3.40.0.4:*:*:*:*:*:*:*", + "matchCriteriaId": "E57282AC-B36C-452D-968F-DD4B940072BD" + } + ] + } + ] + } + ], "references": [ { "url": "https://huntr.com/bounties/a5d003dc-c23e-4c98-8dcf-35ba9252fa3c", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-65xx/CVE-2023-6570.json b/CVE-2023/CVE-2023-65xx/CVE-2023-6570.json index 7d73c1ee8f6..d95e55ebaa0 100644 --- a/CVE-2023/CVE-2023-65xx/CVE-2023-6570.json +++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6570.json @@ -2,15 +2,41 @@ "id": "CVE-2023-6570", "sourceIdentifier": "security@huntr.dev", "published": "2023-12-14T13:15:55.230", - "lastModified": "2023-12-14T13:51:59.903", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:13:39.747", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Server-Side Request Forgery (SSRF) in kubeflow/kubeflow" + }, + { + "lang": "es", + "value": "Server-Side Request Forgery (SSRF) en kubeflow/kubeflow" } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -46,10 +72,30 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:kubeflow:kubeflow:1.7.0:*:*:*:*:*:*:*", + "matchCriteriaId": "939D4D1F-5E76-4D19-AD56-EBDFEDC69D8D" + } + ] + } + ] + } + ], "references": [ { "url": "https://huntr.com/bounties/82d6e853-013b-4029-a23f-8b50ec56602a", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-65xx/CVE-2023-6571.json b/CVE-2023/CVE-2023-65xx/CVE-2023-6571.json index 72734b08469..89b2ed1a516 100644 --- a/CVE-2023/CVE-2023-65xx/CVE-2023-6571.json +++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6571.json @@ -2,15 +2,41 @@ "id": "CVE-2023-6571", "sourceIdentifier": "security@huntr.dev", "published": "2023-12-14T13:15:55.423", - "lastModified": "2023-12-14T13:51:59.903", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T20:12:18.817", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-site Scripting (XSS) - Reflected in kubeflow/kubeflow" + }, + { + "lang": "es", + "value": "Cross-site Scripting (XSS): reflejado en kubeflow/kubeflow" } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -46,10 +72,30 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:kubeflow:kubeflow:1.7.0:*:*:*:*:*:*:*", + "matchCriteriaId": "939D4D1F-5E76-4D19-AD56-EBDFEDC69D8D" + } + ] + } + ] + } + ], "references": [ { "url": "https://huntr.com/bounties/f02781e7-2a53-4c66-aa32-babb16434632", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-66xx/CVE-2023-6691.json b/CVE-2023/CVE-2023-66xx/CVE-2023-6691.json index 3392fbeec9d..b7c7598c9fe 100644 --- a/CVE-2023/CVE-2023-66xx/CVE-2023-6691.json +++ b/CVE-2023/CVE-2023-66xx/CVE-2023-6691.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6691", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2023-12-18T18:15:08.120", - "lastModified": "2023-12-18T18:15:08.120", - "vulnStatus": "Received", + "lastModified": "2023-12-18T19:05:45.340", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-67xx/CVE-2023-6765.json b/CVE-2023/CVE-2023-67xx/CVE-2023-6765.json index eca81a52ebc..fdade21ecbb 100644 --- a/CVE-2023/CVE-2023-67xx/CVE-2023-6765.json +++ b/CVE-2023/CVE-2023-67xx/CVE-2023-6765.json @@ -2,16 +2,40 @@ "id": "CVE-2023-6765", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-13T18:15:44.627", - "lastModified": "2023-12-13T19:01:57.730", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:05:53.770", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been rated as critical. This issue affects the function prepare of the file email_setup.php. The manipulation of the argument name leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-247895." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en SourceCodester Online Tours & Travels Management System 1.0. Ha sido calificada como cr\u00edtica. Este problema afecta la funci\u00f3n de preparaci\u00f3n del archivo email_setup.php. La manipulaci\u00f3n del nombre del argumento conduce a la inyecci\u00f3n de SQL. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-247895." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,18 +95,48 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mayurik:online_tours_\\&_travels_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "034678D5-42ED-4076-964F-D89620540E75" + } + ] + } + ] + } + ], "references": [ { "url": "https://blog.csdn.net/xitanging/article/details/134903112", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.247895", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.247895", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-67xx/CVE-2023-6766.json b/CVE-2023/CVE-2023-67xx/CVE-2023-6766.json index b5442487247..50c4394b360 100644 --- a/CVE-2023/CVE-2023-67xx/CVE-2023-6766.json +++ b/CVE-2023/CVE-2023-67xx/CVE-2023-6766.json @@ -2,16 +2,40 @@ "id": "CVE-2023-6766", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-13T18:15:44.870", - "lastModified": "2023-12-13T19:01:57.730", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:04:02.987", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability classified as problematic has been found in PHPGurukul Teacher Subject Allocation Management System 1.0. Affected is an unknown function of the file /admin/course.php of the component Delete Course Handler. The manipulation of the argument delid leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-247896." + }, + { + "lang": "es", + "value": "Una vulnerabilidad ha sido encontrada en PHPGurukul Teacher Subject Allocation Management System 1.0 y clasificada como problem\u00e1tica. Una funci\u00f3n desconocida del archivo /admin/course.php del componente Delete Course Handler es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento delid conduce a cross-site request forgery. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-247896." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 0.9, + "impactScore": 2.5 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,18 +95,48 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpgurukul:teacher_subject_allocation_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "FEDCFA35-D2DD-41B1-9D2F-49FC8443B0A2" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/csrf_delete_course.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.247896", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.247896", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-67xx/CVE-2023-6767.json b/CVE-2023/CVE-2023-67xx/CVE-2023-6767.json index b3742bae9ff..e1c7733248a 100644 --- a/CVE-2023/CVE-2023-67xx/CVE-2023-6767.json +++ b/CVE-2023/CVE-2023-67xx/CVE-2023-6767.json @@ -2,16 +2,40 @@ "id": "CVE-2023-6767", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-13T18:15:45.107", - "lastModified": "2023-12-13T19:01:57.730", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-18T19:00:46.430", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as problematic, was found in SourceCodester Wedding Guest e-Book 1.0. This affects an unknown part of the file /endpoint/add-guest.php. The manipulation of the argument name leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-247899." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en SourceCodester Wedding Guest e-Book 1.0 y clasificada como problem\u00e1tica. Esto afecta a una parte desconocida del archivo /endpoint/add-guest.php. La manipulaci\u00f3n del nombre del argumento conduce a cross-site scripting. Es posible iniciar el ataque de forma remota. El identificador asociado de esta vulnerabilidad es VDB-247899." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,14 +95,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:remyandrade:wedding_guest_e-book:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "430DCA34-AD00-48C5-B786-F9EA8A981FBC" + } + ] + } + ] + } + ], "references": [ { "url": "https://vuldb.com/?ctiid.247899", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.247899", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 84f86f272be..113a4f49800 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-12-18T19:00:24.329154+00:00 +2023-12-18T21:00:25.275519+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-12-18T19:00:10.557000+00:00 +2023-12-18T20:36:34.027000+00:00 ``` ### Last Data Feed Release @@ -29,49 +29,61 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -233623 +233640 ``` ### CVEs added in the last Commit -Recently added CVEs: `5` +Recently added CVEs: `17` -* [CVE-2023-6920](CVE-2023/CVE-2023-69xx/CVE-2023-6920.json) (`2023-12-18T17:15:11.673`) -* [CVE-2023-46617](CVE-2023/CVE-2023-466xx/CVE-2023-46617.json) (`2023-12-18T17:15:09.823`) -* [CVE-2023-48762](CVE-2023/CVE-2023-487xx/CVE-2023-48762.json) (`2023-12-18T17:15:10.033`) -* [CVE-2023-48766](CVE-2023/CVE-2023-487xx/CVE-2023-48766.json) (`2023-12-18T17:15:10.583`) -* [CVE-2023-6691](CVE-2023/CVE-2023-66xx/CVE-2023-6691.json) (`2023-12-18T18:15:08.120`) +* [CVE-2023-51384](CVE-2023/CVE-2023-513xx/CVE-2023-51384.json) (`2023-12-18T19:15:08.720`) +* [CVE-2023-51385](CVE-2023/CVE-2023-513xx/CVE-2023-51385.json) (`2023-12-18T19:15:08.773`) +* [CVE-2023-47741](CVE-2023/CVE-2023-477xx/CVE-2023-47741.json) (`2023-12-18T20:15:08.213`) +* [CVE-2023-4311](CVE-2023/CVE-2023-43xx/CVE-2023-4311.json) (`2023-12-18T20:15:08.397`) +* [CVE-2023-4724](CVE-2023/CVE-2023-47xx/CVE-2023-4724.json) (`2023-12-18T20:15:08.453`) +* [CVE-2023-5005](CVE-2023/CVE-2023-50xx/CVE-2023-5005.json) (`2023-12-18T20:15:08.500`) +* [CVE-2023-5348](CVE-2023/CVE-2023-53xx/CVE-2023-5348.json) (`2023-12-18T20:15:08.553`) +* [CVE-2023-5882](CVE-2023/CVE-2023-58xx/CVE-2023-5882.json) (`2023-12-18T20:15:08.603`) +* [CVE-2023-5886](CVE-2023/CVE-2023-58xx/CVE-2023-5886.json) (`2023-12-18T20:15:08.653`) +* [CVE-2023-5949](CVE-2023/CVE-2023-59xx/CVE-2023-5949.json) (`2023-12-18T20:15:08.703`) +* [CVE-2023-6065](CVE-2023/CVE-2023-60xx/CVE-2023-6065.json) (`2023-12-18T20:15:08.750`) +* [CVE-2023-6077](CVE-2023/CVE-2023-60xx/CVE-2023-6077.json) (`2023-12-18T20:15:08.797`) +* [CVE-2023-6203](CVE-2023/CVE-2023-62xx/CVE-2023-6203.json) (`2023-12-18T20:15:08.847`) +* [CVE-2023-6222](CVE-2023/CVE-2023-62xx/CVE-2023-6222.json) (`2023-12-18T20:15:08.893`) +* [CVE-2023-6272](CVE-2023/CVE-2023-62xx/CVE-2023-6272.json) (`2023-12-18T20:15:08.940`) +* [CVE-2023-6289](CVE-2023/CVE-2023-62xx/CVE-2023-6289.json) (`2023-12-18T20:15:08.983`) +* [CVE-2023-6295](CVE-2023/CVE-2023-62xx/CVE-2023-6295.json) (`2023-12-18T20:15:09.027`) ### CVEs modified in the last Commit -Recently modified CVEs: `78` +Recently modified CVEs: `176` -* [CVE-2023-48636](CVE-2023/CVE-2023-486xx/CVE-2023-48636.json) (`2023-12-18T18:36:06.153`) -* [CVE-2023-49743](CVE-2023/CVE-2023-497xx/CVE-2023-49743.json) (`2023-12-18T18:39:56.250`) -* [CVE-2023-49745](CVE-2023/CVE-2023-497xx/CVE-2023-49745.json) (`2023-12-18T18:40:10.603`) -* [CVE-2023-6795](CVE-2023/CVE-2023-67xx/CVE-2023-6795.json) (`2023-12-18T18:41:04.070`) -* [CVE-2023-45866](CVE-2023/CVE-2023-458xx/CVE-2023-45866.json) (`2023-12-18T18:41:28.947`) -* [CVE-2023-6794](CVE-2023/CVE-2023-67xx/CVE-2023-6794.json) (`2023-12-18T18:43:03.610`) -* [CVE-2023-6793](CVE-2023/CVE-2023-67xx/CVE-2023-6793.json) (`2023-12-18T18:45:24.643`) -* [CVE-2023-48443](CVE-2023/CVE-2023-484xx/CVE-2023-48443.json) (`2023-12-18T18:46:50.087`) -* [CVE-2023-48442](CVE-2023/CVE-2023-484xx/CVE-2023-48442.json) (`2023-12-18T18:47:00.583`) -* [CVE-2023-48441](CVE-2023/CVE-2023-484xx/CVE-2023-48441.json) (`2023-12-18T18:47:25.233`) -* [CVE-2023-48440](CVE-2023/CVE-2023-484xx/CVE-2023-48440.json) (`2023-12-18T18:47:36.650`) -* [CVE-2023-47065](CVE-2023/CVE-2023-470xx/CVE-2023-47065.json) (`2023-12-18T18:47:46.973`) -* [CVE-2023-47064](CVE-2023/CVE-2023-470xx/CVE-2023-47064.json) (`2023-12-18T18:47:57.593`) -* [CVE-2023-50368](CVE-2023/CVE-2023-503xx/CVE-2023-50368.json) (`2023-12-18T18:51:37.847`) -* [CVE-2023-6792](CVE-2023/CVE-2023-67xx/CVE-2023-6792.json) (`2023-12-18T18:51:58.967`) -* [CVE-2023-6791](CVE-2023/CVE-2023-67xx/CVE-2023-6791.json) (`2023-12-18T18:53:38.087`) -* [CVE-2023-6790](CVE-2023/CVE-2023-67xx/CVE-2023-6790.json) (`2023-12-18T18:53:56.697`) -* [CVE-2023-6789](CVE-2023/CVE-2023-67xx/CVE-2023-6789.json) (`2023-12-18T18:54:39.670`) -* [CVE-2023-6772](CVE-2023/CVE-2023-67xx/CVE-2023-6772.json) (`2023-12-18T18:56:31.197`) -* [CVE-2023-6771](CVE-2023/CVE-2023-67xx/CVE-2023-6771.json) (`2023-12-18T18:57:14.040`) -* [CVE-2023-46727](CVE-2023/CVE-2023-467xx/CVE-2023-46727.json) (`2023-12-18T18:57:31.453`) -* [CVE-2023-50369](CVE-2023/CVE-2023-503xx/CVE-2023-50369.json) (`2023-12-18T18:57:46.290`) -* [CVE-2023-46726](CVE-2023/CVE-2023-467xx/CVE-2023-46726.json) (`2023-12-18T18:59:15.213`) -* [CVE-2023-43813](CVE-2023/CVE-2023-438xx/CVE-2023-43813.json) (`2023-12-18T18:59:53.300`) -* [CVE-2023-47327](CVE-2023/CVE-2023-473xx/CVE-2023-47327.json) (`2023-12-18T19:00:10.557`) +* [CVE-2023-48532](CVE-2023/CVE-2023-485xx/CVE-2023-48532.json) (`2023-12-18T20:29:39.520`) +* [CVE-2023-48533](CVE-2023/CVE-2023-485xx/CVE-2023-48533.json) (`2023-12-18T20:30:31.487`) +* [CVE-2023-48552](CVE-2023/CVE-2023-485xx/CVE-2023-48552.json) (`2023-12-18T20:31:52.600`) +* [CVE-2023-48553](CVE-2023/CVE-2023-485xx/CVE-2023-48553.json) (`2023-12-18T20:31:59.470`) +* [CVE-2023-48554](CVE-2023/CVE-2023-485xx/CVE-2023-48554.json) (`2023-12-18T20:32:08.223`) +* [CVE-2023-48555](CVE-2023/CVE-2023-485xx/CVE-2023-48555.json) (`2023-12-18T20:32:16.557`) +* [CVE-2023-48556](CVE-2023/CVE-2023-485xx/CVE-2023-48556.json) (`2023-12-18T20:32:24.067`) +* [CVE-2023-48551](CVE-2023/CVE-2023-485xx/CVE-2023-48551.json) (`2023-12-18T20:34:05.903`) +* [CVE-2023-48550](CVE-2023/CVE-2023-485xx/CVE-2023-48550.json) (`2023-12-18T20:34:16.303`) +* [CVE-2023-48549](CVE-2023/CVE-2023-485xx/CVE-2023-48549.json) (`2023-12-18T20:34:23.420`) +* [CVE-2023-48548](CVE-2023/CVE-2023-485xx/CVE-2023-48548.json) (`2023-12-18T20:34:32.257`) +* [CVE-2023-48547](CVE-2023/CVE-2023-485xx/CVE-2023-48547.json) (`2023-12-18T20:34:38.533`) +* [CVE-2023-48546](CVE-2023/CVE-2023-485xx/CVE-2023-48546.json) (`2023-12-18T20:34:48.300`) +* [CVE-2023-48545](CVE-2023/CVE-2023-485xx/CVE-2023-48545.json) (`2023-12-18T20:34:54.843`) +* [CVE-2023-48544](CVE-2023/CVE-2023-485xx/CVE-2023-48544.json) (`2023-12-18T20:35:08.170`) +* [CVE-2023-48543](CVE-2023/CVE-2023-485xx/CVE-2023-48543.json) (`2023-12-18T20:35:22.643`) +* [CVE-2023-48542](CVE-2023/CVE-2023-485xx/CVE-2023-48542.json) (`2023-12-18T20:35:30.380`) +* [CVE-2023-48540](CVE-2023/CVE-2023-485xx/CVE-2023-48540.json) (`2023-12-18T20:35:36.597`) +* [CVE-2023-48541](CVE-2023/CVE-2023-485xx/CVE-2023-48541.json) (`2023-12-18T20:35:43.487`) +* [CVE-2023-48539](CVE-2023/CVE-2023-485xx/CVE-2023-48539.json) (`2023-12-18T20:35:58.943`) +* [CVE-2023-48538](CVE-2023/CVE-2023-485xx/CVE-2023-48538.json) (`2023-12-18T20:36:06.677`) +* [CVE-2023-48537](CVE-2023/CVE-2023-485xx/CVE-2023-48537.json) (`2023-12-18T20:36:13.320`) +* [CVE-2023-48536](CVE-2023/CVE-2023-485xx/CVE-2023-48536.json) (`2023-12-18T20:36:19.380`) +* [CVE-2023-48535](CVE-2023/CVE-2023-485xx/CVE-2023-48535.json) (`2023-12-18T20:36:25.687`) +* [CVE-2023-48534](CVE-2023/CVE-2023-485xx/CVE-2023-48534.json) (`2023-12-18T20:36:34.027`) ## Download and Usage