From 68e31eaa3f9effca59bc2915c2d616dcfd683cee Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 18 Sep 2023 12:00:28 +0000 Subject: [PATCH] Auto-Update: 2023-09-18T12:00:24.968168+00:00 --- CVE-2023/CVE-2023-349xx/CVE-2023-34999.json | 55 +++++++++++++++++++++ README.md | 15 +++--- 2 files changed, 61 insertions(+), 9 deletions(-) create mode 100644 CVE-2023/CVE-2023-349xx/CVE-2023-34999.json diff --git a/CVE-2023/CVE-2023-349xx/CVE-2023-34999.json b/CVE-2023/CVE-2023-349xx/CVE-2023-34999.json new file mode 100644 index 00000000000..6c0df01b83d --- /dev/null +++ b/CVE-2023/CVE-2023-349xx/CVE-2023-34999.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-34999", + "sourceIdentifier": "psirt@bosch.com", + "published": "2023-09-18T11:15:41.867", + "lastModified": "2023-09-18T11:15:41.867", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A command injection vulnerability exists in RTS VLink Virtual Matrix Software Versions v5 (< 5.7.6) and v6 (< 6.5.0) that allows an attacker to perform arbitrary code execution via the admin web interface." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@bosch.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.4, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.7, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@bosch.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-893251-BT.html", + "source": "psirt@bosch.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 0e05cfc2812..bba6893a751 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-09-18T10:00:27.234698+00:00 +2023-09-18T12:00:24.968168+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-09-18T09:15:07.823000+00:00 +2023-09-18T11:15:41.867000+00:00 ``` ### Last Data Feed Release @@ -29,23 +29,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -225753 +225754 ``` ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `1` -* [CVE-2020-36766](CVE-2020/CVE-2020-367xx/CVE-2020-36766.json) (`2023-09-18T09:15:07.693`) -* [CVE-2023-43115](CVE-2023/CVE-2023-431xx/CVE-2023-43115.json) (`2023-09-18T08:15:07.380`) +* [CVE-2023-34999](CVE-2023/CVE-2023-349xx/CVE-2023-34999.json) (`2023-09-18T11:15:41.867`) ### CVEs modified in the last Commit -Recently modified CVEs: `2` +Recently modified CVEs: `0` -* [CVE-2020-22916](CVE-2020/CVE-2020-229xx/CVE-2020-22916.json) (`2023-09-18T09:15:07.460`) -* [CVE-2023-4863](CVE-2023/CVE-2023-48xx/CVE-2023-4863.json) (`2023-09-18T09:15:07.823`) ## Download and Usage