From 739753174b759d403d4d562960a1ee7043bf1b97 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Thu, 28 Dec 2023 19:00:28 +0000 Subject: [PATCH] Auto-Update: 2023-12-28T19:00:24.853584+00:00 --- CVE-2014/CVE-2014-99xx/CVE-2014-9940.json | 47 +- CVE-2019/CVE-2019-168xx/CVE-2019-16892.json | 81 +- CVE-2019/CVE-2019-251xx/CVE-2019-25158.json | 66 +- CVE-2020/CVE-2020-367xx/CVE-2020-36754.json | 10 +- CVE-2021/CVE-2021-206xx/CVE-2021-20678.json | 6 +- CVE-2021/CVE-2021-467xx/CVE-2021-46758.json | 56 +- CVE-2022/CVE-2022-48xx/CVE-2022-4830.json | 20 +- CVE-2023/CVE-2023-224xx/CVE-2023-22439.json | 162 +- CVE-2023/CVE-2023-238xx/CVE-2023-23840.json | 14 +- CVE-2023/CVE-2023-238xx/CVE-2023-23845.json | 14 +- CVE-2023/CVE-2023-332xx/CVE-2023-33225.json | 6 +- CVE-2023/CVE-2023-351xx/CVE-2023-35185.json | 46 +- CVE-2023/CVE-2023-36xx/CVE-2023-3622.json | 6 +- CVE-2023/CVE-2023-395xx/CVE-2023-39548.json | 24 +- CVE-2023/CVE-2023-400xx/CVE-2023-40053.json | 22 +- CVE-2023/CVE-2023-400xx/CVE-2023-40061.json | 46 +- CVE-2023/CVE-2023-421xx/CVE-2023-42183.json | 65 +- CVE-2023/CVE-2023-42xx/CVE-2023-4295.json | 15 +- CVE-2023/CVE-2023-457xx/CVE-2023-45794.json | 20 +- CVE-2023/CVE-2023-458xx/CVE-2023-45809.json | 14 +- CVE-2023/CVE-2023-458xx/CVE-2023-45835.json | 2 +- CVE-2023/CVE-2023-472xx/CVE-2023-47272.json | 79 +- CVE-2023/CVE-2023-473xx/CVE-2023-47363.json | 6 +- CVE-2023/CVE-2023-473xx/CVE-2023-47364.json | 6 +- CVE-2023/CVE-2023-473xx/CVE-2023-47365.json | 6 +- CVE-2023/CVE-2023-482xx/CVE-2023-48231.json | 46 +- CVE-2023/CVE-2023-487xx/CVE-2023-48738.json | 47 +- CVE-2023/CVE-2023-487xx/CVE-2023-48764.json | 47 +- CVE-2023/CVE-2023-487xx/CVE-2023-48795.json | 1613 +++++++++++++++++-- CVE-2023/CVE-2023-490xx/CVE-2023-49092.json | 8 +- CVE-2023/CVE-2023-497xx/CVE-2023-49734.json | 65 +- CVE-2023/CVE-2023-497xx/CVE-2023-49736.json | 65 +- CVE-2023/CVE-2023-508xx/CVE-2023-50835.json | 47 +- CVE-2023/CVE-2023-53xx/CVE-2023-5384.json | 101 +- CVE-2023/CVE-2023-56xx/CVE-2023-5641.json | 6 +- CVE-2023/CVE-2023-61xx/CVE-2023-6105.json | 791 ++++++--- CVE-2023/CVE-2023-62xx/CVE-2023-6228.json | 93 +- CVE-2023/CVE-2023-63xx/CVE-2023-6305.json | 8 +- CVE-2023/CVE-2023-63xx/CVE-2023-6306.json | 8 +- CVE-2023/CVE-2023-66xx/CVE-2023-6691.json | 73 +- CVE-2023/CVE-2023-67xx/CVE-2023-6730.json | 58 +- CVE-2023/CVE-2023-69xx/CVE-2023-6931.json | 68 +- CVE-2023/CVE-2023-69xx/CVE-2023-6932.json | 68 +- CVE-2023/CVE-2023-69xx/CVE-2023-6945.json | 62 +- CVE-2023/CVE-2023-71xx/CVE-2023-7131.json | 88 + CVE-2023/CVE-2023-71xx/CVE-2023-7132.json | 88 + CVE-2023/CVE-2023-71xx/CVE-2023-7133.json | 88 + README.md | 73 +- 48 files changed, 3827 insertions(+), 623 deletions(-) create mode 100644 CVE-2023/CVE-2023-71xx/CVE-2023-7131.json create mode 100644 CVE-2023/CVE-2023-71xx/CVE-2023-7132.json create mode 100644 CVE-2023/CVE-2023-71xx/CVE-2023-7133.json diff --git a/CVE-2014/CVE-2014-99xx/CVE-2014-9940.json b/CVE-2014/CVE-2014-99xx/CVE-2014-9940.json index 0bfbb23c279..b3677b49381 100644 --- a/CVE-2014/CVE-2014-99xx/CVE-2014-9940.json +++ b/CVE-2014/CVE-2014-99xx/CVE-2014-9940.json @@ -2,7 +2,7 @@ "id": "CVE-2014-9940", "sourceIdentifier": "security@android.com", "published": "2017-05-02T21:59:00.167", - "lastModified": "2023-09-28T22:06:37.327", + "lastModified": "2023-12-28T18:11:41.263", "vulnStatus": "Analyzed", "descriptions": [ { @@ -85,8 +85,9 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartExcluding": "3.16.45", - "matchCriteriaId": "7E941F20-32AC-4C41-8F38-24A76BD73BF1" + "versionStartExcluding": "3.10", + "versionEndExcluding": "3.16.45", + "matchCriteriaId": "2FA9A690-FCB0-461A-82EE-2FC830BD9BE1" }, { "vulnerable": true, @@ -94,6 +95,46 @@ "versionStartIncluding": "3.17", "versionEndExcluding": "3.18.52", "matchCriteriaId": "8104AAC1-9700-4372-8E11-37B09309A76F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:3.10:-:*:*:*:*:*:*", + "matchCriteriaId": "82D28405-E1F2-43CF-AA38-B228805AFFF9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:3.10:rc1:*:*:*:*:*:*", + "matchCriteriaId": "8220D375-BEB3-49DA-9FE2-E33CE9727E33" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:3.10:rc2:*:*:*:*:*:*", + "matchCriteriaId": "6A9D64B9-B500-46DD-807A-7AE8898D814F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:3.10:rc3:*:*:*:*:*:*", + "matchCriteriaId": "7B933742-22C3-41D1-9588-C7E7A126DDD3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:3.10:rc4:*:*:*:*:*:*", + "matchCriteriaId": "DC6F70D0-FB0D-4CCA-B54B-2D50D7E05C79" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:3.10:rc5:*:*:*:*:*:*", + "matchCriteriaId": "7531C844-BA6E-44F3-BCBC-1036C21541C4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:3.10:rc6:*:*:*:*:*:*", + "matchCriteriaId": "2DD6E1E7-AF5F-46ED-A729-288651810FFF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:3.10:rc7:*:*:*:*:*:*", + "matchCriteriaId": "7EDF2BC7-2812-4297-9FF3-2CFFE1EE8584" } ] } diff --git a/CVE-2019/CVE-2019-168xx/CVE-2019-16892.json b/CVE-2019/CVE-2019-168xx/CVE-2019-16892.json index 9eee60ae4be..13984b7b0e6 100644 --- a/CVE-2019/CVE-2019-168xx/CVE-2019-16892.json +++ b/CVE-2019/CVE-2019-168xx/CVE-2019-16892.json @@ -2,8 +2,8 @@ "id": "CVE-2019-16892", "sourceIdentifier": "cve@mitre.org", "published": "2019-09-25T22:15:10.023", - "lastModified": "2023-11-16T23:15:07.863", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T17:04:56.327", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -70,7 +70,7 @@ "description": [ { "lang": "en", - "value": "CWE-400" + "value": "NVD-CWE-noinfo" } ] } @@ -91,20 +91,74 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", + "matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", + "matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", + "matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:cloudforms:4.7:*:*:*:*:*:*:*", + "matchCriteriaId": "04AC556D-D511-4C4C-B9FB-A089BB2FEFD5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:cloudforms:5.11:*:*:*:*:*:*:*", + "matchCriteriaId": "4E936928-D918-4C0E-9ECB-4AA1814740F3" + } + ] + } + ] } ], "references": [ { "url": "https://access.redhat.com/errata/RHBA-2019:4047", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/errata/RHSA-2019:4201", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://github.com/rubyzip/rubyzip/commit/d65fe7bd283ec94f9d6dc7605f61a6b0dd00f55e", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/rubyzip/rubyzip/pull/403", @@ -118,15 +172,24 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J45KSFPP6DFVWLC7Z73L7SX735CKZYO6/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MWWPORMSBHZTMP4PGF4DQD22TTKBQMMC/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X255K6ZBAQC462PQN2ND5HOTTQEJ2G2X/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] } ] } \ No newline at end of file diff --git a/CVE-2019/CVE-2019-251xx/CVE-2019-25158.json b/CVE-2019/CVE-2019-251xx/CVE-2019-25158.json index 8d1848c24ba..b01606ccbfa 100644 --- a/CVE-2019/CVE-2019-251xx/CVE-2019-25158.json +++ b/CVE-2019/CVE-2019-251xx/CVE-2019-25158.json @@ -2,16 +2,40 @@ "id": "CVE-2019-25158", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-19T13:15:43.133", - "lastModified": "2023-12-19T13:42:12.823", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T17:15:25.970", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability has been found in pedroetb tts-api up to 2.1.4 and classified as critical. This vulnerability affects the function onSpeechDone of the file app.js. The manipulation leads to os command injection. Upgrading to version 2.2.0 is able to address this issue. The patch is identified as 29d9c25415911ea2f8b6de247cb5c4607d13d434. It is recommended to upgrade the affected component. VDB-248278 is the identifier assigned to this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad ha sido encontrada en pedroetb tts-api hasta 2.1.4 y clasificada como cr\u00edtica. Esta vulnerabilidad afecta a la funci\u00f3n onSpeechDone del archivo app.js. La manipulaci\u00f3n conduce a la inyecci\u00f3n de comandos del sistema operativo. La actualizaci\u00f3n a la versi\u00f3n 2.2.0 puede solucionar este problema. El parche se identifica como 29d9c25415911ea2f8b6de247cb5c4607d13d434. Se recomienda actualizar el componente afectado. VDB-248278 es el identificador asignado a esta vulnerabilidad." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,22 +95,52 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pedroetb:tts-api:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "6A7BC92B-21CF-43A4-87DC-12008F7AC264" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/pedroetb/tts-api/commit/29d9c25415911ea2f8b6de247cb5c4607d13d434", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/pedroetb/tts-api/releases/tag/v2.2.0", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://vuldb.com/?ctiid.248278", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.248278", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2020/CVE-2020-367xx/CVE-2020-36754.json b/CVE-2020/CVE-2020-367xx/CVE-2020-36754.json index bc273b275e1..309a1f09a94 100644 --- a/CVE-2020/CVE-2020-367xx/CVE-2020-36754.json +++ b/CVE-2020/CVE-2020-367xx/CVE-2020-36754.json @@ -2,8 +2,8 @@ "id": "CVE-2020-36754", "sourceIdentifier": "security@wordfence.com", "published": "2023-10-20T08:15:11.250", - "lastModified": "2023-11-07T03:22:32.750", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T17:32:46.623", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -37,7 +37,7 @@ "impactScore": 1.4 }, { - "source": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", + "source": "security@wordfence.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -79,9 +79,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:paidmembershipspro:paid_memberships_pro:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:strangerstudios:paid_memberships_pro:*:*:*:*:*:wordpress:*:*", "versionEndIncluding": "2.4.2", - "matchCriteriaId": "6E4AD015-E3FF-4AB7-8CCB-ECB0A0043953" + "matchCriteriaId": "42246A2F-153C-4BFE-AD26-1126A54BB14F" } ] } diff --git a/CVE-2021/CVE-2021-206xx/CVE-2021-20678.json b/CVE-2021/CVE-2021-206xx/CVE-2021-20678.json index 08d66a536c1..b801020b25e 100644 --- a/CVE-2021/CVE-2021-206xx/CVE-2021-20678.json +++ b/CVE-2021/CVE-2021-206xx/CVE-2021-20678.json @@ -2,7 +2,7 @@ "id": "CVE-2021-20678", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2021-03-18T01:15:12.450", - "lastModified": "2021-03-23T15:37:14.267", + "lastModified": "2023-12-28T18:33:11.173", "vulnStatus": "Analyzed", "descriptions": [ { @@ -84,9 +84,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:paidmembershipspro:paid_memberships_pro:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:strangerstudios:paid_memberships_pro:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "2.5.6", - "matchCriteriaId": "EDE4ECCB-EF41-4BF0-99F3-1DAA792F8787" + "matchCriteriaId": "7C956371-CBBE-4173-B139-9324222D0A67" } ] } diff --git a/CVE-2021/CVE-2021-467xx/CVE-2021-46758.json b/CVE-2021/CVE-2021-467xx/CVE-2021-46758.json index 0f5c72be7c3..fa631e2a40e 100644 --- a/CVE-2021/CVE-2021-467xx/CVE-2021-46758.json +++ b/CVE-2021/CVE-2021-467xx/CVE-2021-46758.json @@ -2,8 +2,8 @@ "id": "CVE-2021-46758", "sourceIdentifier": "psirt@amd.com", "published": "2023-11-14T19:15:10.310", - "lastModified": "2023-11-22T15:15:58.473", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-28T17:38:00.967", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -313,8 +313,8 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:amd:ryzen_9_4900h_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "renoirpi-fp6_1.0.0.a_comboam4v2_pi_1.2.0.8", - "matchCriteriaId": "D80DB0DF-2AFE-42A3-A1C1-CC94D92A7DC4" + "versionEndExcluding": "renoirpi-fp6_1.0.0.a", + "matchCriteriaId": "4573D5E6-B8D5-4D44-83B0-D177CF2E83D5" } ] }, @@ -341,8 +341,8 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:amd:ryzen_9_4900hs_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "renoirpi-fp6_1.0.0.a_comboam4v2_pi_1.2.0.8", - "matchCriteriaId": "EB4EA10C-DCF0-465D-80CF-B2715B0CEBA7" + "versionEndExcluding": "renoirpi-fp6_1.0.0.a", + "matchCriteriaId": "30359C5D-88AB-4286-9468-4FE173E45E8B" } ] }, @@ -369,8 +369,8 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:amd:ryzen_7_4800h_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "renoirpi-fp6_1.0.0.a_comboam4v2_pi_1.2.0.8", - "matchCriteriaId": "44DEFA65-46E4-429B-9714-B79FEFF3AB4F" + "versionEndExcluding": "renoirpi-fp6_1.0.0.a", + "matchCriteriaId": "0EBE8F69-555F-4B64-9199-24C10FED9127" } ] }, @@ -397,8 +397,8 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:amd:ryzen_7_4800hs_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "renoirpi-fp6_1.0.0.a_comboam4v2_pi_1.2.0.8", - "matchCriteriaId": "6DE3BC04-F91D-4137-9A80-76655BF71BB5" + "versionEndExcluding": "renoirpi-fp6_1.0.0.a", + "matchCriteriaId": "74DCE941-2A4F-4CF0-9D9F-89161F33495D" } ] }, @@ -425,8 +425,8 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:amd:ryzen_7_4980u_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "renoirpi-fp6_1.0.0.a_comboam4v2_pi_1.2.0.8", - "matchCriteriaId": "EA9F88FB-DFC4-4615-91CF-0393A561D39E" + "versionEndExcluding": "renoirpi-fp6_1.0.0.a", + "matchCriteriaId": "6D0C6F1C-E39D-44D1-BAA3-8F07161FE24F" } ] }, @@ -453,8 +453,8 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:amd:ryzen_7_4800u_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "renoirpi-fp6_1.0.0.a_comboam4v2_pi_1.2.0.8", - "matchCriteriaId": "FC6F4EC5-D2A1-4CE5-AE9B-B73CA3DD3410" + "versionEndExcluding": "renoirpi-fp6_1.0.0.a", + "matchCriteriaId": "30439972-C4D9-4E00-863B-19E01F6D4320" } ] }, @@ -481,8 +481,8 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:amd:ryzen_7_4700u_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "renoirpi-fp6_1.0.0.a_comboam4v2_pi_1.2.0.8", - "matchCriteriaId": "D127625C-0504-404D-8884-2D2C1A7BBF13" + "versionEndExcluding": "renoirpi-fp6_1.0.0.a", + "matchCriteriaId": "2549BDE9-3D73-4EBF-A48F-B892221DA7AE" } ] }, @@ -509,8 +509,8 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:amd:ryzen_5_4600h_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "renoirpi-fp6_1.0.0.a_comboam4v2_pi_1.2.0.8", - "matchCriteriaId": "581B3797-99E7-449F-A349-974FA0FAFF96" + "versionEndExcluding": "renoirpi-fp6_1.0.0.a", + "matchCriteriaId": "4AEFEE44-B315-4EB1-9DDA-8B0A5A35829A" } ] }, @@ -537,8 +537,8 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:amd:ryzen_5_4600hs_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "renoirpi-fp6_1.0.0.a_comboam4v2_pi_1.2.0.8", - "matchCriteriaId": "C1B74DB0-26F3-42FB-88F8-D3E7864500C3" + "versionEndExcluding": "renoirpi-fp6_1.0.0.a", + "matchCriteriaId": "9FDFD005-C279-4EE9-A3D1-2BDB542E919A" } ] }, @@ -565,8 +565,8 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:amd:ryzen_5_4680u_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "renoirpi-fp6_1.0.0.a_comboam4v2_pi_1.2.0.8", - "matchCriteriaId": "824D80CC-BB03-43B2-BD3C-41804288F29C" + "versionEndExcluding": "renoirpi-fp6_1.0.0.a", + "matchCriteriaId": "47E2BA17-847C-43E5-9C45-7AE16BF63CC1" } ] }, @@ -593,8 +593,8 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:amd:ryzen_5_4600u_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "renoirpi-fp6_1.0.0.a_comboam4v2_pi_1.2.0.8", - "matchCriteriaId": "526E7278-B02C-4A20-A9AC-297616C4F85D" + "versionEndExcluding": "renoirpi-fp6_1.0.0.a", + "matchCriteriaId": "2AC2378F-DE0C-480C-A9BD-8B0058EEC41A" } ] }, @@ -621,8 +621,8 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:amd:ryzen_5_4500u_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "renoirpi-fp6_1.0.0.a_comboam4v2_pi_1.2.0.8", - "matchCriteriaId": "1FE64AB8-3930-4D05-A872-4E38221EF7B9" + "versionEndExcluding": "renoirpi-fp6_1.0.0.a", + "matchCriteriaId": "B9F4C091-DB5A-42AF-9D9F-F18AA5873E56" } ] }, @@ -649,8 +649,8 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:amd:ryzen_3_4300u_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "renoirpi-fp6_1.0.0.a_comboam4v2_pi_1.2.0.8", - "matchCriteriaId": "069481DA-EA6F-46CA-9E6D-4BE6F01DCE23" + "versionEndExcluding": "renoirpi-fp6_1.0.0.a", + "matchCriteriaId": "3EC71AAC-5AB6-496F-BC94-20B8CFEC79D2" } ] }, diff --git a/CVE-2022/CVE-2022-48xx/CVE-2022-4830.json b/CVE-2022/CVE-2022-48xx/CVE-2022-4830.json index 923b4647d3d..0a88e72011a 100644 --- a/CVE-2022/CVE-2022-48xx/CVE-2022-4830.json +++ b/CVE-2022/CVE-2022-48xx/CVE-2022-4830.json @@ -2,8 +2,8 @@ "id": "CVE-2022-4830", "sourceIdentifier": "contact@wpscan.com", "published": "2023-02-13T15:15:20.090", - "lastModified": "2023-11-07T03:59:02.217", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T18:59:31.510", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,6 +34,18 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], "configurations": [ { "nodes": [ @@ -43,9 +55,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:paidmembershipspro:paid_memberships_pro:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:strangerstudios:paid_memberships_pro:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "2.9.9", - "matchCriteriaId": "9644B911-B691-4060-A51E-55D0E7E527A6" + "matchCriteriaId": "3AFF0B35-22E1-4EE8-8A23-7F631FC82C87" } ] } diff --git a/CVE-2023/CVE-2023-224xx/CVE-2023-22439.json b/CVE-2023/CVE-2023-224xx/CVE-2023-22439.json index 302b2df9be4..4ecaeac0fd9 100644 --- a/CVE-2023/CVE-2023-224xx/CVE-2023-22439.json +++ b/CVE-2023/CVE-2023-224xx/CVE-2023-22439.json @@ -2,16 +2,40 @@ "id": "CVE-2023-22439", "sourceIdentifier": "disclosures@gallagher.com", "published": "2023-12-18T22:15:07.807", - "lastModified": "2023-12-19T13:42:29.533", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T18:50:15.597", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "\nImproper input validation of a large HTTP request in the Controller 6000 and Controller 7000\u00a0optional\u00a0diagnostic web interface (Port 80)\u00a0can be used to perform a Denial of Service of the diagnostic web interface.\n\nThis issue affects: Gallagher Controller 6000 and 7000 8.90 prior to vCR8.90.231204a (distributed in 8.90.1620 (MR2)), 8.80 prior to vCR8.80.231204a (distributed in 8.80.1369 (MR3)), 8.70 prior to vCR8.70.231204a (distributed in 8.70.2375 (MR5)), 8.60 prior to vCR8.60.231116a (distributed in 8.60.2550 (MR7)), all versions of 8.50 and prior.\n\n" + }, + { + "lang": "es", + "value": "Se puede utilizar una validaci\u00f3n de entrada incorrecta de una solicitud HTTP grande en la interfaz web de diagn\u00f3stico opcional de Controller 6000 y Controller 7000 (puerto 80) para realizar una denegaci\u00f3n de servicio de la interfaz web de diagn\u00f3stico. Este problema afecta a: \nGallagher Controller 6000 y 7000 8.90 antes de vCR8.90.231204a (distribuido en 8.90.1620 (MR2)), \n8.80 antes de vCR8.80.231204a (distribuido en 8.80.1369 (MR3)), \n8.70 antes de vCR8. 70.231204a (distribuido en 8.70.2375 (MR5)), \n8.60 antes de vCR8.60.231116a (distribuido en 8.60.2550 (MR7)), \ntodas las versiones de 8.50 y anteriores." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "disclosures@gallagher.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + }, { "source": "disclosures@gallagher.com", "type": "Secondary", @@ -46,10 +80,132 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gallagher:controller_6000_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "8.50", + "matchCriteriaId": "3183049E-D5F5-416E-B5B6-140B02510BC0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gallagher:controller_6000_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "8.60", + "versionEndExcluding": "8.60.231116a", + "matchCriteriaId": "162DF4B0-4F15-48D0-9D67-2AD509FD1FAD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gallagher:controller_6000_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "8.70", + "versionEndExcluding": "8.70.231204a", + "matchCriteriaId": "30EEB0FF-D2F2-47DA-9666-6532730B195F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gallagher:controller_6000_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "8.80", + "versionEndExcluding": "8.80.231204a", + "matchCriteriaId": "D11F6F34-20E1-4BF8-BA36-819F2B153320" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gallagher:controller_6000_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "8.90", + "versionEndExcluding": "8.90.231204a", + "matchCriteriaId": "715CA029-60DF-422B-90BA-C806DCE041FC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gallagher:controller_6000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5AF2B03B-B033-439F-8CEE-334FA8053278" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*", + "versionEndIncluding": "8.50", + "matchCriteriaId": "23C4F969-A44F-40D6-A92B-56A2653A0786" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*", + "versionStartIncluding": "8.60", + "versionEndExcluding": "8.60.231116a", + "matchCriteriaId": "189BCB50-4E9F-4E0B-B03F-D703BD14B6C9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*", + "versionStartIncluding": "8.70", + "versionEndExcluding": "8.70.231204a", + "matchCriteriaId": "63286868-84A7-492C-8F48-E0FB883C5666" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*", + "versionStartIncluding": "8.80", + "versionEndExcluding": "8.80.231204a", + "matchCriteriaId": "48DE400E-2C3D-485C-8C8E-DA79BC155E7F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gallagher:command_centre:*:*:*:*:*:*:*:*", + "versionStartIncluding": "8.90", + "versionEndExcluding": "8.90.231204a", + "matchCriteriaId": "14A61AE2-E3D1-4BEE-B5E1-361E6E0A617E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gallagher:controller_6000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5AF2B03B-B033-439F-8CEE-334FA8053278" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gallagher:controller_7000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D0F7F6A6-8F69-45C1-A59D-D9FB3FD0C1C7" + } + ] + } + ] + } + ], "references": [ { "url": "https://security.gallagher.com/Security-Advisories/CVE-2023-22439", - "source": "disclosures@gallagher.com" + "source": "disclosures@gallagher.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-238xx/CVE-2023-23840.json b/CVE-2023/CVE-2023-238xx/CVE-2023-23840.json index a823944a557..0f123220ee2 100644 --- a/CVE-2023/CVE-2023-238xx/CVE-2023-23840.json +++ b/CVE-2023/CVE-2023-238xx/CVE-2023-23840.json @@ -2,12 +2,16 @@ "id": "CVE-2023-23840", "sourceIdentifier": "psirt@solarwinds.com", "published": "2023-09-13T23:15:07.820", - "lastModified": "2023-09-15T13:25:01.493", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T17:15:08.677", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges." + }, + { + "lang": "es", + "value": "La plataforma SolarWinds era susceptible a la vulnerabilidad de Comparaci\u00f3n Incorrecta. Esta vulnerabilidad permite a los usuarios con acceso administrativo a SolarWinds Web Console ejecutar comandos arbitrarios con privilegios de SERVICIO DE RED." } ], "metrics": { @@ -56,7 +60,7 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "psirt@solarwinds.com", "type": "Primary", "description": [ { @@ -66,12 +70,12 @@ ] }, { - "source": "psirt@solarwinds.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-749" + "value": "CWE-697" } ] } diff --git a/CVE-2023/CVE-2023-238xx/CVE-2023-23845.json b/CVE-2023/CVE-2023-238xx/CVE-2023-23845.json index 5743fef99b8..aad7db4be57 100644 --- a/CVE-2023/CVE-2023-238xx/CVE-2023-23845.json +++ b/CVE-2023/CVE-2023-238xx/CVE-2023-23845.json @@ -2,12 +2,16 @@ "id": "CVE-2023-23845", "sourceIdentifier": "psirt@solarwinds.com", "published": "2023-09-13T23:15:08.283", - "lastModified": "2023-09-15T13:24:58.180", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T17:15:08.827", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges." + }, + { + "lang": "es", + "value": "La plataforma SolarWinds era susceptible a la vulnerabilidad de Comparaci\u00f3n Incorrecta. Esta vulnerabilidad permite a los usuarios con acceso administrativo a SolarWinds Web Console ejecutar comandos arbitrarios con privilegios de SERVICIO DE RED." } ], "metrics": { @@ -56,7 +60,7 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "psirt@solarwinds.com", "type": "Primary", "description": [ { @@ -66,12 +70,12 @@ ] }, { - "source": "psirt@solarwinds.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-749" + "value": "CWE-697" } ] } diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33225.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33225.json index d523c38a305..d9721f4c787 100644 --- a/CVE-2023/CVE-2023-332xx/CVE-2023-33225.json +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33225.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33225", "sourceIdentifier": "psirt@solarwinds.com", "published": "2023-07-26T14:15:10.417", - "lastModified": "2023-11-15T02:54:12.713", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T17:15:08.980", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -65,7 +65,7 @@ "description": [ { "lang": "en", - "value": "CWE-862" + "value": "CWE-697" } ] }, diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35185.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35185.json index 86e8def129b..653438f3142 100644 --- a/CVE-2023/CVE-2023-351xx/CVE-2023-35185.json +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35185.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35185", "sourceIdentifier": "psirt@solarwinds.com", "published": "2023-10-19T15:15:09.330", - "lastModified": "2023-10-25T20:19:07.667", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T17:15:09.107", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "psirt@solarwinds.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", @@ -35,26 +55,6 @@ }, "exploitabilityScore": 1.2, "impactScore": 5.9 - }, - { - "source": "psirt@solarwinds.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "attackVector": "ADJACENT_NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 } ] }, diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3622.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3622.json index eb85170d5de..7a1c70de5c4 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3622.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3622.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3622", "sourceIdentifier": "psirt@solarwinds.com", "published": "2023-07-26T15:15:10.803", - "lastModified": "2023-10-30T19:42:12.173", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T17:15:09.333", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -65,7 +65,7 @@ "description": [ { "lang": "en", - "value": "CWE-284" + "value": "CWE-287" } ] }, diff --git a/CVE-2023/CVE-2023-395xx/CVE-2023-39548.json b/CVE-2023/CVE-2023-395xx/CVE-2023-39548.json index bd6d8b3f28e..bc7480e1961 100644 --- a/CVE-2023/CVE-2023-395xx/CVE-2023-39548.json +++ b/CVE-2023/CVE-2023-395xx/CVE-2023-39548.json @@ -2,8 +2,8 @@ "id": "CVE-2023-39548", "sourceIdentifier": "psirt-info@cyber.jp.nec.com", "published": "2023-11-17T06:15:34.077", - "lastModified": "2023-11-24T18:22:13.360", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-28T17:55:54.710", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -187,6 +187,16 @@ "criteria": "cpe:2.3:a:nec:expresscluster_x:5.0:*:*:*:*:windows:*:*", "matchCriteriaId": "247EC97F-02F6-4EF3-A450-602BA5FEF257" }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nec:expresscluster_x:5.1:*:*:*:*:linux:*:*", + "matchCriteriaId": "321507E4-C76E-412D-9159-2E319598F0A3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nec:expresscluster_x:5.1:*:*:*:*:windows:*:*", + "matchCriteriaId": "66930816-7173-4B3D-B4A9-B099DB110F31" + }, { "vulnerable": true, "criteria": "cpe:2.3:a:nec:expresscluster_x_singleserversafe:1.0:*:*:*:*:linux:*:*", @@ -306,6 +316,16 @@ "vulnerable": true, "criteria": "cpe:2.3:a:nec:expresscluster_x_singleserversafe:5.0:*:*:*:*:windows:*:*", "matchCriteriaId": "C0F366B5-3A07-435F-BE9E-79688D3BBF79" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nec:expresscluster_x_singleserversafe:5.1:*:*:*:*:linux:*:*", + "matchCriteriaId": "1B21ABC2-9955-4A11-96F9-1B491F43466F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nec:expresscluster_x_singleserversafe:5.1:*:*:*:*:windows:*:*", + "matchCriteriaId": "E2837245-A053-4BCB-A741-2968F1A949F9" } ] } diff --git a/CVE-2023/CVE-2023-400xx/CVE-2023-40053.json b/CVE-2023/CVE-2023-400xx/CVE-2023-40053.json index 09ab6f226c8..edf025e9e68 100644 --- a/CVE-2023/CVE-2023-400xx/CVE-2023-40053.json +++ b/CVE-2023/CVE-2023-400xx/CVE-2023-40053.json @@ -2,8 +2,8 @@ "id": "CVE-2023-40053", "sourceIdentifier": "psirt@solarwinds.com", "published": "2023-12-06T04:15:07.523", - "lastModified": "2023-12-11T18:42:29.597", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T17:15:09.460", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "psirt@solarwinds.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,24 +37,24 @@ "impactScore": 1.4 }, { - "source": "psirt@solarwinds.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE", - "baseScore": 4.6, + "baseScore": 5.0, "baseSeverity": "MEDIUM" }, - "exploitabilityScore": 2.1, - "impactScore": 2.5 + "exploitabilityScore": 3.1, + "impactScore": 1.4 } ] }, diff --git a/CVE-2023/CVE-2023-400xx/CVE-2023-40061.json b/CVE-2023/CVE-2023-400xx/CVE-2023-40061.json index b7e42a001e6..35737ebc2a4 100644 --- a/CVE-2023/CVE-2023-400xx/CVE-2023-40061.json +++ b/CVE-2023/CVE-2023-400xx/CVE-2023-40061.json @@ -2,8 +2,8 @@ "id": "CVE-2023-40061", "sourceIdentifier": "psirt@solarwinds.com", "published": "2023-11-01T16:15:08.590", - "lastModified": "2023-11-09T13:35:02.493", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T18:15:45.650", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "psirt@solarwinds.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", @@ -35,26 +55,6 @@ }, "exploitabilityScore": 3.9, "impactScore": 5.9 - }, - { - "source": "psirt@solarwinds.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L", - "attackVector": "ADJACENT_NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.2, - "impactScore": 5.3 } ] }, diff --git a/CVE-2023/CVE-2023-421xx/CVE-2023-42183.json b/CVE-2023/CVE-2023-421xx/CVE-2023-42183.json index 0a767dcbe84..c4164bc218c 100644 --- a/CVE-2023/CVE-2023-421xx/CVE-2023-42183.json +++ b/CVE-2023/CVE-2023-421xx/CVE-2023-42183.json @@ -2,8 +2,8 @@ "id": "CVE-2023-42183", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-15T01:15:08.047", - "lastModified": "2023-12-15T13:42:13.817", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T18:11:09.047", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,68 @@ "value": "lockss-daemon (tambi\u00e9n conocido como Classic LOCKSS Daemon) anterior a 1.77.3 realiza una normalizaci\u00f3n posterior a Unicode, lo que puede permitir eludir las restricciones de acceso previstas, como cuando U+1FEF se convierte en una comilla invertida." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-116" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:lockss:classic_lockss_daemon:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.77.3", + "matchCriteriaId": "B8051589-52AD-45A4-8A98-1A1B9173C412" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/lockss/lockss-daemon/security/advisories/GHSA-mgqj-hphf-9588", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-42xx/CVE-2023-4295.json b/CVE-2023/CVE-2023-42xx/CVE-2023-4295.json index 5f84f334dd7..3bdc3852fac 100644 --- a/CVE-2023/CVE-2023-42xx/CVE-2023-4295.json +++ b/CVE-2023/CVE-2023-42xx/CVE-2023-4295.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4295", "sourceIdentifier": "arm-security@arm.com", "published": "2023-11-07T16:15:29.340", - "lastModified": "2023-12-08T17:15:07.540", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-28T17:14:36.030", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -45,7 +45,11 @@ "description": [ { "lang": "en", - "value": "CWE-119" + "value": "CWE-190" + }, + { + "lang": "en", + "value": "CWE-416" } ] }, @@ -93,7 +97,10 @@ "references": [ { "url": "http://packetstormsecurity.com/files/176109/Arm-Mali-CSF-Overflow-Use-After-Free.html", - "source": "arm-security@arm.com" + "source": "arm-security@arm.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", diff --git a/CVE-2023/CVE-2023-457xx/CVE-2023-45794.json b/CVE-2023/CVE-2023-457xx/CVE-2023-45794.json index 166e6562f3a..cf4e15d7caf 100644 --- a/CVE-2023/CVE-2023-457xx/CVE-2023-45794.json +++ b/CVE-2023/CVE-2023-457xx/CVE-2023-45794.json @@ -2,7 +2,7 @@ "id": "CVE-2023-45794", "sourceIdentifier": "productcert@siemens.com", "published": "2023-11-14T11:15:13.970", - "lastModified": "2023-11-20T14:11:34.617", + "lastModified": "2023-12-28T18:59:23.170", "vulnStatus": "Analyzed", "descriptions": [ { @@ -61,7 +61,7 @@ "weaknesses": [ { "source": "productcert@siemens.com", - "type": "Secondary", + "type": "Primary", "description": [ { "lang": "en", @@ -79,31 +79,31 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:siemens:medix:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:siemens:mendix:*:*:*:*:*:*:*:*", "versionStartIncluding": "7.0.0", "versionEndExcluding": "7.23.37", - "matchCriteriaId": "EF898A30-27CD-4122-BBB6-036D044E10AF" + "matchCriteriaId": "9349FE43-89A4-4C6D-8DB4-CB7F001C4997" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:siemens:medix:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:siemens:mendix:*:*:*:*:*:*:*:*", "versionStartIncluding": "8.0.0", "versionEndExcluding": "8.18.27", - "matchCriteriaId": "C67B1540-3F5A-48D2-97B4-1F99CEEA9341" + "matchCriteriaId": "1310418B-0106-4E1E-A4A7-1FF7FF2EA297" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:siemens:medix:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:siemens:mendix:*:*:*:*:*:*:*:*", "versionStartIncluding": "9.0.0", "versionEndExcluding": "9.24.10", - "matchCriteriaId": "FBAB63A3-97EB-4639-8552-48999E5A6E04" + "matchCriteriaId": "3E92B744-3CC1-4980-8DA0-781C9B4B18B9" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:siemens:medix:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:siemens:mendix:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.0", "versionEndExcluding": "10.4.0", - "matchCriteriaId": "47C1CB19-009C-44A2-8E62-A82B9F6FE88B" + "matchCriteriaId": "AB61E750-0A04-44E0-B0AE-4451D4ACA46E" } ] } diff --git a/CVE-2023/CVE-2023-458xx/CVE-2023-45809.json b/CVE-2023/CVE-2023-458xx/CVE-2023-45809.json index 57d4d091732..084ba328b55 100644 --- a/CVE-2023/CVE-2023-458xx/CVE-2023-45809.json +++ b/CVE-2023/CVE-2023-458xx/CVE-2023-45809.json @@ -2,7 +2,7 @@ "id": "CVE-2023-45809", "sourceIdentifier": "security-advisories@github.com", "published": "2023-10-19T19:15:15.867", - "lastModified": "2023-10-31T18:51:51.687", + "lastModified": "2023-12-28T18:58:51.657", "vulnStatus": "Analyzed", "descriptions": [ { @@ -93,23 +93,23 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:wagtail:wagtail:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:torchbox:wagtail:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.1.9", - "matchCriteriaId": "3B8C2042-E854-4CFF-B05E-ED6A3B60008B" + "matchCriteriaId": "974BDF97-9C1D-44BB-AD65-7BF0C5BF2EA9" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:wagtail:wagtail:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:torchbox:wagtail:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.2", "versionEndExcluding": "5.0.5", - "matchCriteriaId": "65578772-BEF0-42B7-BB33-7D2E94563C5F" + "matchCriteriaId": "7DAC1931-ECF9-47BA-9DFA-322E8DA9CCEB" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:wagtail:wagtail:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:torchbox:wagtail:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.1", "versionEndExcluding": "5.1.3", - "matchCriteriaId": "34A0955D-6A4C-4294-8C5C-F99F9148E6C8" + "matchCriteriaId": "288CEC75-D1C5-4C43-9802-CF30E66DB5D2" } ] } diff --git a/CVE-2023/CVE-2023-458xx/CVE-2023-45835.json b/CVE-2023/CVE-2023-458xx/CVE-2023-45835.json index 90e2113439c..3e6903831ed 100644 --- a/CVE-2023/CVE-2023-458xx/CVE-2023-45835.json +++ b/CVE-2023/CVE-2023-458xx/CVE-2023-45835.json @@ -2,7 +2,7 @@ "id": "CVE-2023-45835", "sourceIdentifier": "audit@patchstack.com", "published": "2023-10-25T18:17:35.180", - "lastModified": "2023-11-01T15:19:29.947", + "lastModified": "2023-12-28T18:55:19.140", "vulnStatus": "Analyzed", "descriptions": [ { diff --git a/CVE-2023/CVE-2023-472xx/CVE-2023-47272.json b/CVE-2023/CVE-2023-472xx/CVE-2023-47272.json index 8b0a2d780fa..1c26b0d11c6 100644 --- a/CVE-2023/CVE-2023-472xx/CVE-2023-47272.json +++ b/CVE-2023/CVE-2023-472xx/CVE-2023-47272.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47272", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-06T00:15:09.380", - "lastModified": "2023-12-05T01:15:07.110", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-28T17:24:36.373", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -94,6 +94,56 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", + "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", + "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", + "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C" + } + ] + } + ] } ], "references": [ @@ -120,23 +170,38 @@ }, { "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00005.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GILSR762MJB3BNJOVOCMW2JXEPV46IIQ/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YFRGBPET73URF6364CI547ZVWQESJLGK/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z4F4DUA3Q46ZVB2RD7BFP4XMNS4RYFFQ/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "https://www.debian.org/security/2023/dsa-5572", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-473xx/CVE-2023-47363.json b/CVE-2023/CVE-2023-473xx/CVE-2023-47363.json index 962d49c1ca1..57eb0689861 100644 --- a/CVE-2023/CVE-2023-473xx/CVE-2023-47363.json +++ b/CVE-2023/CVE-2023-473xx/CVE-2023-47363.json @@ -2,7 +2,7 @@ "id": "CVE-2023-47363", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-09T14:15:07.907", - "lastModified": "2023-11-17T14:20:37.830", + "lastModified": "2023-12-28T17:34:14.213", "vulnStatus": "Analyzed", "descriptions": [ { @@ -59,8 +59,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:f.b.p._members_project:f.b.p._members:13.6.1:*:*:*:*:line:*:*", - "matchCriteriaId": "370A2DC9-F1B4-4397-924E-6256BF139107" + "criteria": "cpe:2.3:a:linecorp:line:13.6.1:*:*:*:*:*:*:*", + "matchCriteriaId": "22743D41-3381-4220-8D9F-60CC36E48F78" } ] } diff --git a/CVE-2023/CVE-2023-473xx/CVE-2023-47364.json b/CVE-2023/CVE-2023-473xx/CVE-2023-47364.json index a67ef20e98a..105ae4c239b 100644 --- a/CVE-2023/CVE-2023-473xx/CVE-2023-47364.json +++ b/CVE-2023/CVE-2023-473xx/CVE-2023-47364.json @@ -2,7 +2,7 @@ "id": "CVE-2023-47364", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-09T14:15:07.970", - "lastModified": "2023-11-17T14:22:55.423", + "lastModified": "2023-12-28T17:34:46.510", "vulnStatus": "Analyzed", "descriptions": [ { @@ -59,8 +59,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:nagaoka_taxi_project:nagaoka_taxi:13.6.1:*:*:*:*:line:*:*", - "matchCriteriaId": "716A6D4A-2082-4151-A8C8-C89B54E63815" + "criteria": "cpe:2.3:a:linecorp:line:13.6.1:*:*:*:*:*:*:*", + "matchCriteriaId": "22743D41-3381-4220-8D9F-60CC36E48F78" } ] } diff --git a/CVE-2023/CVE-2023-473xx/CVE-2023-47365.json b/CVE-2023/CVE-2023-473xx/CVE-2023-47365.json index cfdeedfc73f..b84d4a6289c 100644 --- a/CVE-2023/CVE-2023-473xx/CVE-2023-47365.json +++ b/CVE-2023/CVE-2023-473xx/CVE-2023-47365.json @@ -2,7 +2,7 @@ "id": "CVE-2023-47365", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-09T14:15:08.013", - "lastModified": "2023-11-17T14:28:56.487", + "lastModified": "2023-12-28T17:35:10.877", "vulnStatus": "Analyzed", "descriptions": [ { @@ -59,8 +59,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:reisinnova:lil.off-price_store:13.6.1:*:*:*:*:line:*:*", - "matchCriteriaId": "34B95965-5B0C-4C45-964C-BF31C161B806" + "criteria": "cpe:2.3:a:linecorp:line:13.6.1:*:*:*:*:*:*:*", + "matchCriteriaId": "22743D41-3381-4220-8D9F-60CC36E48F78" } ] } diff --git a/CVE-2023/CVE-2023-482xx/CVE-2023-48231.json b/CVE-2023/CVE-2023-482xx/CVE-2023-48231.json index f5eb806ecbd..314509b33b4 100644 --- a/CVE-2023/CVE-2023-482xx/CVE-2023-48231.json +++ b/CVE-2023/CVE-2023-482xx/CVE-2023-48231.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48231", "sourceIdentifier": "security-advisories@github.com", "published": "2023-11-16T23:15:08.607", - "lastModified": "2023-12-27T15:15:45.050", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-28T17:39:29.390", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -61,7 +61,7 @@ "weaknesses": [ { "source": "security-advisories@github.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -86,6 +86,31 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", + "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", + "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", + "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646" + } + ] + } + ] } ], "references": [ @@ -112,7 +137,10 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UJAK2W5S7G75ETDAEM3BDUCVSXCEGRD/", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M3VQF7CL3V6FGSEW37WNDFBRRILR65AK/", @@ -124,11 +152,17 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VNRNYLWXZOGTYWE5HMFNQ5FVE3HBUHF6/", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://security.netapp.com/advisory/ntap-20231227-0008/", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-487xx/CVE-2023-48738.json b/CVE-2023/CVE-2023-487xx/CVE-2023-48738.json index 2fa6ee20c65..0d4475739f7 100644 --- a/CVE-2023/CVE-2023-487xx/CVE-2023-48738.json +++ b/CVE-2023/CVE-2023-487xx/CVE-2023-48738.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48738", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-19T21:15:08.527", - "lastModified": "2023-12-20T13:50:37.240", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T17:19:48.890", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -50,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:portotheme:functionality:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "2.12.1", + "matchCriteriaId": "773D7F04-F0A2-4F3C-8770-AC1CC83934D6" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/porto-functionality/wordpress-porto-theme-functionality-plugin-2-11-1-unauthenticated-sql-injection-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-487xx/CVE-2023-48764.json b/CVE-2023/CVE-2023-487xx/CVE-2023-48764.json index 8725ca05d20..a86581acfee 100644 --- a/CVE-2023/CVE-2023-487xx/CVE-2023-48764.json +++ b/CVE-2023/CVE-2023-487xx/CVE-2023-48764.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48764", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-19T21:15:08.943", - "lastModified": "2023-12-20T13:50:37.240", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T17:25:33.493", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -50,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:guardgiant:guardgiant:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.2.5", + "matchCriteriaId": "DE1FF87A-8CB3-4B78-845D-059527C77262" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/guardgiant/wordpress-wordpress-brute-force-protection-stop-brute-force-attacks-plugin-2-2-5-sql-injection-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-487xx/CVE-2023-48795.json b/CVE-2023/CVE-2023-487xx/CVE-2023-48795.json index 7434a657b1d..c2d7c699cca 100644 --- a/CVE-2023/CVE-2023-487xx/CVE-2023-48795.json +++ b/CVE-2023/CVE-2023-487xx/CVE-2023-48795.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48795", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-18T16:15:10.897", - "lastModified": "2023-12-28T03:15:07.660", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-28T18:26:43.827", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,375 +14,1798 @@ "value": "El protocolo de transporte SSH con ciertas extensiones OpenSSH, que se encuentra en OpenSSH anterior a 9.6 y otros productos, permite a atacantes remotos eludir las comprobaciones de integridad de modo que algunos paquetes se omiten (del mensaje de negociaci\u00f3n de extensi\u00f3n) y, en consecuencia, un cliente y un servidor pueden terminar con una conexi\u00f3n para la cual algunas caracter\u00edsticas de seguridad han sido degradadas o deshabilitadas, tambi\u00e9n conocido como un ataque Terrapin. Esto ocurre porque SSH Binary Packet Protocol (BPP), implementado por estas extensiones, maneja mal la fase de protocolo de enlace y el uso de n\u00fameros de secuencia. Por ejemplo, existe un ataque eficaz contra ChaCha20-Poly1305 (y CBC con Encrypt-then-MAC). La omisi\u00f3n se produce en chacha20-poly1305@openssh.com y (si se utiliza CBC) en los algoritmos MAC -etm@openssh.com. Esto tambi\u00e9n afecta a Maverick Synergy Java SSH API anterior a 3.1.0-SNAPSHOT, Dropbear hasta 2022.83, Ssh anterior a 5.1.1 en Erlang/OTP, PuTTY anterior a 0.80 y AsyncSSH anterior a 2.14.2; y podr\u00eda haber efectos en Bitvise SSH hasta la versi\u00f3n 9.31, libssh hasta la 0.10.5 y golang.org/x/crypto hasta el 17 de diciembre de 2023." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-354" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*", + "versionEndExcluding": "9.6", + "matchCriteriaId": "5308FBBB-F738-41C5-97A4-E40118E957CD" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", + "versionEndExcluding": "0.80", + "matchCriteriaId": "A9D807DB-9E20-4792-8A9F-4BFFC841BAB7" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:filezilla-project:filezilla_client:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.66.4", + "matchCriteriaId": "42915485-A4DA-48DD-9C15-415D2D39DC52" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*", + "versionEndIncluding": "11.1.0", + "matchCriteriaId": "9F37C9AC-185F-403A-A79B-2D5C8E11AFC4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:panic:transmit_5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.10.4", + "matchCriteriaId": "31FFE0AA-FC25-40DE-8EE9-7F4C80ABDE4F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:panic:nova:*:*:*:*:*:*:*:*", + "versionEndExcluding": "11.8", + "matchCriteriaId": "F2FCF7EF-97D7-44CF-AC74-72D856901755" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:roumenpetrov:pkixssh:*:*:*:*:*:*:*:*", + "versionEndExcluding": "14.4", + "matchCriteriaId": "53CAD263-1C60-43BD-86A2-C8DB15FFB4C6" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:winscp:winscp:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.2.2", + "matchCriteriaId": "8FA57F20-C9C1-40A7-B2CD-F3440CCF1D66" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:bitvise:ssh_client:*:*:*:*:*:*:*:*", + "versionEndExcluding": "9.33", + "matchCriteriaId": "6209E375-10C7-4E65-A2E7-455A686717AC" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:bitvise:ssh_server:*:*:*:*:*:*:*:*", + "versionEndExcluding": "9.32", + "matchCriteriaId": "1A05CC3C-19C5-4BAA-ABA2-EE1795E0BE81" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lancom-systems:lcos:*:*:*:*:*:*:*:*", + "versionEndIncluding": "3.66.4", + "matchCriteriaId": "3A71B523-0778-46C6-A38B-64452E0BB6E7" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lancom-systems:lcos_fx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F1C91308-15E5-40AF-B4D5-3CAD7BC65DDF" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lancom-systems:lcos_lx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "418940E3-6DD1-4AA6-846A-03E059D0C681" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lancom-systems:lcos_sx:4.20:*:*:*:*:*:*:*", + "matchCriteriaId": "411BA58A-33B6-44CA-B9D6-7F9042D46961" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lancom-systems:lcos_sx:5.20:*:*:*:*:*:*:*", + "matchCriteriaId": "FA17A153-30E4-4731-8706-8F74FCA50993" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lancom-systems:lanconfig:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FB736F57-9BE3-4457-A10E-FA88D0932154" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vandyke:securecrt:*:*:*:*:*:*:*:*", + "versionEndExcluding": "9.4.3", + "matchCriteriaId": "6EB8D02D-87F3-414D-A3EA-43F594DAAC1B" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:libssh:libssh:*:*:*:*:*:*:*:*", + "versionEndExcluding": "0.10.6", + "matchCriteriaId": "AAB481DA-FBFE-4CC2-9AE7-22025FA07494" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:net-ssh:net-ssh:7.2.0:*:*:*:*:ruby:*:*", + "matchCriteriaId": "3D6FD459-F8E8-4126-8097-D30B4639404A" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ssh2_project:ssh2:*:*:*:*:*:node.js:*:*", + "versionEndIncluding": "1.11.0", + "matchCriteriaId": "69510F52-C699-4E7D-87EF-7000682888F0" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:proftpd:proftpd:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.3.8b", + "matchCriteriaId": "9461430B-3709-45B6-8858-2101F5AE4481" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*", + "versionEndIncluding": "12.4", + "matchCriteriaId": "B9A01DF3-E20E-4F29-B5CF-DDF717D01E74" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:crates:thrussh:*:*:*:*:*:*:*:*", + "versionEndExcluding": "0.35.1", + "matchCriteriaId": "D25EB73D-6145-4B7D-8F14-80FD0B458E99" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tera_term_project:tera_term:*:*:*:*:*:*:*:*", + "versionEndIncluding": "5.1", + "matchCriteriaId": "77594DEC-B5F7-4911-A13D-FFE91C74BAFA" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oryx-embedded:cyclone_ssh:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.3.4", + "matchCriteriaId": "F8FF7E74-2351-4CD9-B717-FA28893293A1" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:*", + "versionEndIncluding": "10.6.0", + "matchCriteriaId": "82A93C12-FEB6-4E82-B283-0ED7820D807E" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netsarang:xshell_7:*:*:*:*:*:*:*:*", + "versionEndExcluding": "build__0144", + "matchCriteriaId": "B480AE79-2FA1-4281-9F0D-0DE812B9354D" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:paramiko:paramiko:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.4.0", + "matchCriteriaId": "826B6323-06F8-4B96-8771-3FA15A727B08" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*", + "matchCriteriaId": "932D137F-528B-4526-9A89-CD59FA1AB0FE" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*", + "matchCriteriaId": "DCC81071-B46D-4F5D-AC25-B4A4CCC20C73" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*", + "matchCriteriaId": "4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:*", + "matchCriteriaId": "E315FC5C-FF19-43C9-A58A-CF2A5FF13824" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:ceph_storage:6.0:*:*:*:*:*:*:*", + "matchCriteriaId": "FA7EAD12-E398-44AF-9859-F3CA6C63BA6B" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", + "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:openshift_serverless:-:*:*:*:*:*:*:*", + "matchCriteriaId": "77675CB7-67D7-44E9-B7FF-D224B3341AA5" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:openshift_gitops:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C0AAA300-691A-4957-8B69-F6888CC971B1" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:openshift_pipelines:-:*:*:*:*:*:*:*", + "matchCriteriaId": "45937289-2D64-47CB-A750-5B4F0D4664A0" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:*:*:*:*:*:*:*", + "matchCriteriaId": "97321212-0E07-4CC2-A917-7B5F61AB9A5A" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:openshift_data_foundation:4.0:*:*:*:*:*:*:*", + "matchCriteriaId": "0E2C021C-A9F0-4EB4-ADED-81D8B57B4563" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:openshift_api_for_data_protection:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7BF8EFFB-5686-4F28-A68F-1A8854E098CE" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:openshift_virtualization:4:*:*:*:*:*:*:*", + "matchCriteriaId": "9C877879-B84B-471C-80CF-0656521CA8AB" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:storage:3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "379A5883-F6DF-41F5-9403-8D17F6605737" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:discovery:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B5B1D946-5978-4818-BF21-A43D9C1365E1" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:openshift_dev_spaces:-:*:*:*:*:*:*:*", + "matchCriteriaId": "99B8A88B-0B31-4CFF-AFD7-C9D3DDD5790D" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6D5A7736-A403-4617-8790-18E46CB74DA6" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:keycloak:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6E0DE4E1-5D8D-40F3-8AC8-C7F736966158" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*", + "matchCriteriaId": "88BF3B2C-B121-483A-AEF2-8082F6DA5310" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*", + "matchCriteriaId": "9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:advanced_cluster_security:3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F0FD736A-8730-446A-BA3A-7B608DB62B0E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F4C504B6-3902-46E2-82B7-48AEC9CDD48D" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:golang:crypto:*:*:*:*:*:*:*:*", + "versionEndExcluding": "0.17.0", + "matchCriteriaId": "F92E56DF-98DF-4328-B37E-4D5744E4103D" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:russh_project:russh:*:*:*:*:*:rust:*:*", + "versionEndExcluding": "0.40.2", + "matchCriteriaId": "AC12508E-3C31-44EA-B4F3-29316BE9B189" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sftpgo_project:sftpgo:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.5.6", + "matchCriteriaId": "1750028C-698D-4E84-B727-8A155A46ADEB" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*", + "versionEndExcluding": "26.2.1", + "matchCriteriaId": "3A9A8E99-7F4A-4B74-B86B-8B3E8B2A8776" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:matez:jsch:*:*:*:*:*:*:*:*", + "versionEndExcluding": "0.2.15", + "matchCriteriaId": "61119DB3-4336-4D3B-863A-0CCF4146E5C1" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.11.10", + "matchCriteriaId": "F9DCCF91-FA48-406D-B620-D3C8F066FACB" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:asyncssh_project:asyncssh:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.14.2", + "matchCriteriaId": "FAE46983-0ABC-49F7-AC18-A78FAC7E73AA" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2022.83", + "matchCriteriaId": "06BF3368-F232-4E6B-883E-A591EED5C827" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jadaptive:maverick_synergy_java_ssh_api:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.1.0-snapshot", + "matchCriteriaId": "36531FB6-5682-4BF1-9785-E9D6D1C4207B" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.11", + "matchCriteriaId": "514ED687-0D7B-479B-82C5-7EB1A5EEC94C" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:thorntech:sftp_gateway_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.4.6", + "matchCriteriaId": "83B1AF39-C0B9-4031-B19A-BDDD4F337273" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netgate:pfsense_plus:*:*:*:*:*:*:*:*", + "versionEndIncluding": "23.09.1", + "matchCriteriaId": "2B71B0EF-888E-45E2-A055-F59CDCC1AFC7" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netgate:pfsense_ce:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.7.2", + "matchCriteriaId": "8F23CDF7-2881-4B4E-B84F-4E04F4ED8CCF" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.6.0", + "matchCriteriaId": "C1795F7A-203F-400E-B09C-0FAF16D01CFC" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:connectbot:sshlib:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.22", + "matchCriteriaId": "0D79DDDD-02F0-4C12-BE7F-1B9DF1722C7A" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:sshd:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.11.0", + "matchCriteriaId": "E2D7B0CA-C01F-4296-9425-48299E3889C5" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:sshj:*:*:*:*:*:*:*:*", + "versionEndIncluding": "0.37.0", + "matchCriteriaId": "1C3EB0B8-9E76-4146-AB02-02E20B91D55C" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tinyssh:tinyssh:*:*:*:*:*:*:*:*", + "versionEndIncluding": "20230101", + "matchCriteriaId": "0582468A-149B-429F-978A-2AEDF4BE2606" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:trilead:ssh2:6401:*:*:*:*:*:*:*", + "matchCriteriaId": "7E4BAF06-5A79-46D7-8C4F-E670BD6B7C2D" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:kitty_project:kitty:*:*:*:*:*:*:*:*", + "versionEndIncluding": "0.76.1.13", + "matchCriteriaId": "4C19DD32-7922-4DBD-BC4A-AFB5E6B7A5C2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gentoo:security:-:*:*:*:*:*:*:*", + "matchCriteriaId": "76BDAFDE-4515-42E6-820F-38AF4A786CF2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:debian:debian_linux:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5920923E-0D52-44E5-801D-10B82846ED58" + } + ] + } + ] + } + ], "references": [ { "url": "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "http://www.openwall.com/lists/oss-security/2023/12/18/3", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "http://www.openwall.com/lists/oss-security/2023/12/19/5", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "http://www.openwall.com/lists/oss-security/2023/12/20/3", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Mitigation" + ] }, { "url": "https://access.redhat.com/security/cve/cve-2023-48795", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Press/Media Coverage" + ] }, { "url": "https://bugs.gentoo.org/920280", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://bugzilla.suse.com/show_bug.cgi?id=1217950", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://crates.io/crates/thrussh/versions", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://filezilla-project.org/versions.php", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://forum.netgate.com/topic/184941/terrapin-ssh-attack", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/NixOS/nixpkgs/pull/275249", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2189", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/TeraTermProject/teraterm/releases/tag/v5.1", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/advisories/GHSA-45x7-px36-x8w8", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://github.com/apache/mina-sshd/issues/445", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://github.com/cyd01/KiTTY/issues/520", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://github.com/drakkan/sftpgo/releases/tag/v2.5.6", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/erlang/otp/releases/tag/OTP-26.2.1", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/hierynomus/sshj/issues/916", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://github.com/janmojzis/tinyssh/issues/81", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/libssh2/libssh2/pull/1291", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mitigation" + ] }, { "url": "https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/mwiede/jsch/issues/457", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://github.com/mwiede/jsch/pull/461", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/openssh/openssh-portable/commits/master", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/paramiko/paramiko/issues/2337", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/proftpd/proftpd/issues/456", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://github.com/rapier1/hpn-ssh/releases", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/ronf/asyncssh/tags", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/ssh-mitm/ssh-mitm/issues/165", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://github.com/warp-tech/russh/releases/tag/v0.40.2", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://gitlab.com/libssh/libssh-mirror/-/tags", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "https://help.panic.com/releasenotes/transmit5/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Press/Media Coverage" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://matt.ucc.asn.au/dropbear/CHANGES", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://news.ycombinator.com/item?id=38684904", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://news.ycombinator.com/item?id=38685286", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://news.ycombinator.com/item?id=38732005", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://nova.app/releases/#v11.8", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://oryx-embedded.com/download/#changelog", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://roumenpetrov.info/secsh/#news20231220", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://security-tracker.debian.org/tracker/CVE-2023-48795", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://security-tracker.debian.org/tracker/source-package/libssh2", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://security-tracker.debian.org/tracker/source-package/trilead-ssh2", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://security.gentoo.org/glsa/202312-16", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://security.gentoo.org/glsa/202312-17", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://thorntech.com/cve-2023-48795-and-sftp-gateway/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://twitter.com/TrueSkrillor/status/1736774389725565005", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Press/Media Coverage" + ] }, { "url": "https://ubuntu.com/security/CVE-2023-48795", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://winscp.net/eng/docs/history#6.2.2", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://www.bitvise.com/ssh-client-version-history#933", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://www.bitvise.com/ssh-server-version-history", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://www.debian.org/security/2023/dsa-5586", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://www.debian.org/security/2023/dsa-5588", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.netsarang.com/en/xshell-update-history/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://www.openssh.com/openbsd.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://www.openssh.com/txt/release-9.6", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://www.openwall.com/lists/oss-security/2023/12/18/2", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "https://www.openwall.com/lists/oss-security/2023/12/20/3", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Mitigation" + ] }, { "url": "https://www.paramiko.org/changelog.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Press/Media Coverage" + ] }, { "url": "https://www.terrapin-attack.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] }, { "url": "https://www.theregister.com/2023/12/20/terrapin_attack_ssh", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Press/Media Coverage" + ] }, { "url": "https://www.vandyke.com/products/securecrt/history.txt", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-490xx/CVE-2023-49092.json b/CVE-2023/CVE-2023-490xx/CVE-2023-49092.json index 5ddb510cefd..ae099167f48 100644 --- a/CVE-2023/CVE-2023-490xx/CVE-2023-49092.json +++ b/CVE-2023/CVE-2023-490xx/CVE-2023-49092.json @@ -2,8 +2,8 @@ "id": "CVE-2023-49092", "sourceIdentifier": "security-advisories@github.com", "published": "2023-11-28T21:15:08.530", - "lastModified": "2023-12-14T23:15:07.050", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-28T18:54:22.443", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -89,8 +89,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:rust-lang:rsa:*:*:*:*:*:rust:*:*", - "matchCriteriaId": "600DB2C9-3C8D-4C14-A69F-B5EE18B99EB6" + "criteria": "cpe:2.3:a:rustcrypto:rsa:*:*:*:*:*:rust:*:*", + "matchCriteriaId": "248AAFCD-E795-48F3-AC41-468B1E2EB267" } ] } diff --git a/CVE-2023/CVE-2023-497xx/CVE-2023-49734.json b/CVE-2023/CVE-2023-497xx/CVE-2023-49734.json index ae47a820461..c5a638dc10f 100644 --- a/CVE-2023/CVE-2023-497xx/CVE-2023-49734.json +++ b/CVE-2023/CVE-2023-497xx/CVE-2023-49734.json @@ -2,16 +2,40 @@ "id": "CVE-2023-49734", "sourceIdentifier": "security@apache.org", "published": "2023-12-19T10:15:08.007", - "lastModified": "2023-12-19T15:15:08.633", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T17:16:28.993", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An authenticated Gamma user has the ability to create a dashboard and add charts to it, this user would automatically become one of the owners of the charts allowing him to incorrectly have write permissions to these charts.This issue affects Apache Superset: before 2.1.2, from 3.0.0 before 3.0.2.\n\nUsers are recommended to upgrade to version 3.0.2 or 2.1.3, which fixes the issue.\n\n" + }, + { + "lang": "es", + "value": "Un usuario de Gamma autenticado tiene la capacidad de crear un panel y agregarle gr\u00e1ficos; este usuario se convertir\u00eda autom\u00e1ticamente en uno de los propietarios de los gr\u00e1ficos, lo que le permitir\u00eda tener permisos de escritura incorrectos para estos gr\u00e1ficos. Este problema afecta a Apache Superset: antes de 2.1.2 , desde 3.0.0 antes de 3.0.2. Se recomienda a los usuarios actualizar a la versi\u00f3n 3.0.2 o 2.1.3, que soluciona el problema." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "security@apache.org", "type": "Secondary", @@ -46,14 +70,47 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.1.2", + "matchCriteriaId": "15732220-B366-4C92-A7D6-8C5DF4C9CA20" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.0.0", + "versionEndExcluding": "3.0.2", + "matchCriteriaId": "23576169-716C-4703-BFB2-7F061CEED2CF" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/12/19/3", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.apache.org/thread/985h6ltvtbvdoysso780kkj7x744cds5", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-497xx/CVE-2023-49736.json b/CVE-2023/CVE-2023-497xx/CVE-2023-49736.json index 5fe68379faf..2953053a3cc 100644 --- a/CVE-2023/CVE-2023-497xx/CVE-2023-49736.json +++ b/CVE-2023/CVE-2023-497xx/CVE-2023-49736.json @@ -2,16 +2,40 @@ "id": "CVE-2023-49736", "sourceIdentifier": "security@apache.org", "published": "2023-12-19T10:15:08.323", - "lastModified": "2023-12-19T15:15:08.717", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T17:16:12.767", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A where_in JINJA macro allows users to specify a quote, which combined with a carefully crafted statement\u00a0would allow for SQL injection\u00a0in Apache Superset.This issue affects Apache Superset: before 2.1.2, from 3.0.0 before 3.0.2.\n\nUsers are recommended to upgrade to version 3.0.2, which fixes the issue.\n\n" + }, + { + "lang": "es", + "value": "Una macro Where_in JINJA permite a los usuarios especificar una cita, que combinada con una declaraci\u00f3n cuidadosamente manipulada permitir\u00eda la inyecci\u00f3n de SQL en Apache Superset. Este problema afecta a Apache Superset: antes de 2.1.2, desde 3.0.0 antes de 3.0.2. Se recomienda a los usuarios actualizar a la versi\u00f3n 3.0.2, que soluciona el problema." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "security@apache.org", "type": "Secondary", @@ -46,14 +70,47 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.1.2", + "matchCriteriaId": "15732220-B366-4C92-A7D6-8C5DF4C9CA20" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.0.0", + "versionEndExcluding": "3.0.2", + "matchCriteriaId": "23576169-716C-4703-BFB2-7F061CEED2CF" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/12/19/2", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.apache.org/thread/1kf481bgs3451qcz6hfhobs7xvhp8n1p", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50835.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50835.json index 658dc3ce169..0e99b878cbb 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50835.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50835.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50835", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-19T22:15:08.330", - "lastModified": "2023-12-20T13:50:26.727", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T17:32:58.013", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -50,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:saurabhspeaks:advanced_category_template:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "0.1", + "matchCriteriaId": "404C4BAA-2433-4B21-A449-67404FF7CE62" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/advanced-category-template/wordpress-advanced-category-template-plugin-0-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-53xx/CVE-2023-5384.json b/CVE-2023/CVE-2023-53xx/CVE-2023-5384.json index 69a47a5c579..d52a12353aa 100644 --- a/CVE-2023/CVE-2023-53xx/CVE-2023-5384.json +++ b/CVE-2023/CVE-2023-53xx/CVE-2023-5384.json @@ -2,16 +2,40 @@ "id": "CVE-2023-5384", "sourceIdentifier": "secalert@redhat.com", "published": "2023-12-18T14:15:11.360", - "lastModified": "2023-12-18T15:04:28.363", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T18:16:28.223", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A flaw was found in Infinispan. When serializing the configuration for a cache to XML/JSON/YAML, which contains credentials (JDBC store with connection pooling, remote store), the credentials are returned in clear text as part of the configuration." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una falla en Infinispan. Al serializar la configuraci\u00f3n de una cach\u00e9 en XML/JSON/YAML, que contiene credenciales (almac\u00e9n JDBC con agrupaci\u00f3n de conexiones, almac\u00e9n remoto), las credenciales se devuelven en texto plano como parte de la configuraci\u00f3n." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 2.7, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.2, + "impactScore": 1.4 + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-312" + } + ] + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -46,18 +80,75 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:data_grid:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.4.6", + "matchCriteriaId": "069956BE-8A4A-418E-8913-90BB53FC6A23" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:jboss_data_grid:-:*:*:*:text-only:*:*:*", + "matchCriteriaId": "2BF03A52-4068-47EA-8846-1E5FB708CE1A" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:infinispan:infinispan:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F6718434-9048-42D0-8E70-40531CA83A16" + } + ] + } + ] + } + ], "references": [ { "url": "https://access.redhat.com/errata/RHSA-2023:7676", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://access.redhat.com/security/cve/CVE-2023-5384", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242156", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-56xx/CVE-2023-5641.json b/CVE-2023/CVE-2023-56xx/CVE-2023-5641.json index 2bff18d047e..275c1cee97f 100644 --- a/CVE-2023/CVE-2023-56xx/CVE-2023-5641.json +++ b/CVE-2023/CVE-2023-56xx/CVE-2023-5641.json @@ -2,7 +2,7 @@ "id": "CVE-2023-5641", "sourceIdentifier": "contact@wpscan.com", "published": "2023-11-27T17:15:09.183", - "lastModified": "2023-12-02T04:36:11.447", + "lastModified": "2023-12-28T18:36:45.983", "vulnStatus": "Analyzed", "descriptions": [ { @@ -59,9 +59,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:martinstools:seo_backlink_link_building_network:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:martinstools:free_\\&_easy_link_building:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "1.2.30", - "matchCriteriaId": "8747E5D1-A7C2-4359-B08A-23003BBC6EC8" + "matchCriteriaId": "27359BEF-D8C7-48EE-A71D-F067CF8DFE7A" } ] } diff --git a/CVE-2023/CVE-2023-61xx/CVE-2023-6105.json b/CVE-2023/CVE-2023-61xx/CVE-2023-6105.json index 715708cb9c2..73660ff800c 100644 --- a/CVE-2023/CVE-2023-61xx/CVE-2023-6105.json +++ b/CVE-2023/CVE-2023-61xx/CVE-2023-6105.json @@ -2,7 +2,7 @@ "id": "CVE-2023-6105", "sourceIdentifier": "vulnreport@tenable.com", "published": "2023-11-15T21:15:08.490", - "lastModified": "2023-11-29T20:44:24.987", + "lastModified": "2023-12-28T18:37:26.820", "vulnStatus": "Analyzed", "descriptions": [ { @@ -3158,259 +3158,259 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:*:*:*:*:*:*:*:*", "versionEndExcluding": "12.5", - "matchCriteriaId": "4FE63AD7-3AC1-4545-A330-234393E93317" + "matchCriteriaId": "E9FF3515-61C7-4A7A-9781-6D4A0340B2EC" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125000:*:*:*:*:*:*", - "matchCriteriaId": "B19CF026-7F4E-4FE6-A498-7B64B7D60CC3" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125000:*:*:*:*:*:*", + "matchCriteriaId": "77AA96FD-5AF0-4F80-8402-BAB460FF8B75" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125003:*:*:*:*:*:*", - "matchCriteriaId": "96B1D0C1-2D5A-4401-9EA1-88BCA312BE87" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125003:*:*:*:*:*:*", + "matchCriteriaId": "3095B4D1-170A-48B0-8C4A-7A7A54E42149" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125108:*:*:*:*:*:*", - "matchCriteriaId": "060E7FF2-A2B6-4D96-A2D2-4739A732A96B" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125108:*:*:*:*:*:*", + "matchCriteriaId": "8CE4267C-DAAE-4CEC-A6E3-D2213AA5EE57" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125109:*:*:*:*:*:*", - "matchCriteriaId": "356483C9-547A-488A-AE5A-AF2C92B0D509" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125109:*:*:*:*:*:*", + "matchCriteriaId": "92EB7DC6-F227-40B3-A093-4D9495BBE272" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125115:*:*:*:*:*:*", - "matchCriteriaId": "E6BB36A3-CF46-4C6C-A7D7-F5792E267491" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125115:*:*:*:*:*:*", + "matchCriteriaId": "40C478D3-7C1C-4FCE-99FA-976EE2754680" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125120:*:*:*:*:*:*", - "matchCriteriaId": "C4F2D4AB-C744-4245-B9D0-61EF742F8328" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125120:*:*:*:*:*:*", + "matchCriteriaId": "DE6C88E4-D382-4729-AF5D-5697DCE26A67" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125122:*:*:*:*:*:*", - "matchCriteriaId": "FA61E0C9-E145-4BF4-83FC-57787CE6CACF" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125122:*:*:*:*:*:*", + "matchCriteriaId": "6447F4D8-0943-4C8C-BBA7-42BECC181D80" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125125:*:*:*:*:*:*", - "matchCriteriaId": "F49EE37F-FF05-48AC-8F27-BC1DD497E042" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125125:*:*:*:*:*:*", + "matchCriteriaId": "422B8CB6-3A14-4452-9192-F4CD5BF5D030" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125141:*:*:*:*:*:*", - "matchCriteriaId": "90BF92E0-A108-4037-A818-DA51ACCC9FB3" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125141:*:*:*:*:*:*", + "matchCriteriaId": "41AB6C1A-CBEC-4DC1-94A4-9D14E82BA542" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125142:*:*:*:*:*:*", - "matchCriteriaId": "802DB1B0-813A-407E-B2DA-4DAE7052E662" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125142:*:*:*:*:*:*", + "matchCriteriaId": "6A2C060F-770B-4245-8490-5D2EB970FCA0" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125149:*:*:*:*:*:*", - "matchCriteriaId": "923BF270-8DC1-4CE4-8E47-F56EEB98321F" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125149:*:*:*:*:*:*", + "matchCriteriaId": "16E635CC-1591-4535-89EA-B8470BD885F0" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125150:*:*:*:*:*:*", - "matchCriteriaId": "D92A4A1F-43A6-48CD-AAEF-5466F99D7B40" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125150:*:*:*:*:*:*", + "matchCriteriaId": "D5F9E623-A42D-446D-ADDD-5F3C8F7BD9B8" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125160:*:*:*:*:*:*", - "matchCriteriaId": "C9D1B424-595E-4F87-A3E0-B75DD3A2DDB1" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125160:*:*:*:*:*:*", + "matchCriteriaId": "1E235AF0-4453-4439-A25D-FF78A89BB117" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125179:*:*:*:*:*:*", - "matchCriteriaId": "A8E5C4C0-56DA-4FBC-9943-5E6841AC23B5" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125179:*:*:*:*:*:*", + "matchCriteriaId": "620E40E9-9D83-4E14-8898-10C0718B1A1C" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125180:*:*:*:*:*:*", - "matchCriteriaId": "0250C50A-0CB0-4A1F-BC1F-89C2675DC6D2" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125180:*:*:*:*:*:*", + "matchCriteriaId": "1D72F651-BD8C-4564-AC1A-84A91F21EADA" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125194:*:*:*:*:*:*", - "matchCriteriaId": "952D9E01-2324-43C7-A9B9-0AC3B0D0EA1F" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125194:*:*:*:*:*:*", + "matchCriteriaId": "19DD9FF2-583B-4079-9375-E1643FF9A54B" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125200:*:*:*:*:*:*", - "matchCriteriaId": "89A1A165-56C2-47A2-B0F0-FAD3B36E6C67" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125200:*:*:*:*:*:*", + "matchCriteriaId": "69EDC39C-68EE-488D-B740-9E45229BDF2E" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125212:*:*:*:*:*:*", - "matchCriteriaId": "09AD048F-CA38-4365-8C6F-6926287E1F7B" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125212:*:*:*:*:*:*", + "matchCriteriaId": "EC374820-208A-40EF-965C-50C19467BD82" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125213:*:*:*:*:*:*", - "matchCriteriaId": "15B1975C-80B8-4027-AFC6-57BF38A67127" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125213:*:*:*:*:*:*", + "matchCriteriaId": "397B1FAC-EB6E-4F17-B5D7-CBD47D581DF5" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125217:*:*:*:*:*:*", - "matchCriteriaId": "16F666EB-7E55-487F-9B7C-FA836DD1E4F6" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125217:*:*:*:*:*:*", + "matchCriteriaId": "E771BCA5-9E65-4C8B-BF36-E90F641D2015" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125221:*:*:*:*:*:*", - "matchCriteriaId": "8EC7A4D8-9BC2-4FB3-A7D3-2202BAEF2B68" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125221:*:*:*:*:*:*", + "matchCriteriaId": "A658460A-FAE0-4487-8CD6-FB3384664F9D" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125232:*:*:*:*:*:*", - "matchCriteriaId": "7799F9D6-3368-462F-A877-0C1E30275EA7" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125232:*:*:*:*:*:*", + "matchCriteriaId": "6F104D17-7D08-42A5-BAF3-DEA475308FC6" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125323:*:*:*:*:*:*", - "matchCriteriaId": "14348E14-1A42-430D-AB52-71B1A300BA9B" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125323:*:*:*:*:*:*", + "matchCriteriaId": "9F875BFA-18C2-42BF-8BC4-D02E15B395E6" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125329:*:*:*:*:*:*", - "matchCriteriaId": "BB2D7C35-8FAF-4B53-A8F1-F478484AFE4E" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125329:*:*:*:*:*:*", + "matchCriteriaId": "3BBD9D22-7E92-4648-972E-E17D9472E08D" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125357:*:*:*:*:*:*", - "matchCriteriaId": "C38FF2F3-ADED-43F0-AAA0-9AAFAF7D803F" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125357:*:*:*:*:*:*", + "matchCriteriaId": "7219F9A0-CD1D-4BB4-A5E1-FA0495B49114" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125361:*:*:*:*:*:*", - "matchCriteriaId": "3979363B-C316-4E67-BEBF-21CB256C9DA6" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125361:*:*:*:*:*:*", + "matchCriteriaId": "0CBB0F67-9C81-44BC-9836-DE5FE40DDBBF" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125362:*:*:*:*:*:*", - "matchCriteriaId": "B0F27AF5-EB94-4917-B8E7-3F771F2F532B" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125362:*:*:*:*:*:*", + "matchCriteriaId": "6D7C0250-52DA-423D-B061-0CDF39D15068" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125376:*:*:*:*:*:*", - "matchCriteriaId": "649BBDA6-E7B1-4041-9DCF-3AF468739756" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125376:*:*:*:*:*:*", + "matchCriteriaId": "6FC34D3F-FED3-4266-AB29-98FFC2002507" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125381:*:*:*:*:*:*", - "matchCriteriaId": "6AC85B2A-9CB2-4364-9E9C-9E6CBE5612FE" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125381:*:*:*:*:*:*", + "matchCriteriaId": "DD1460AC-A719-4B75-B28B-748B6C262A87" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125399:*:*:*:*:*:*", - "matchCriteriaId": "A2B56F2B-94D3-4AF4-8AF8-9E0834136FCC" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125399:*:*:*:*:*:*", + "matchCriteriaId": "B9024FE1-536C-4180-8115-6D97E7C324D1" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125410:*:*:*:*:*:*", - "matchCriteriaId": "2A5407B9-3CD2-40CA-B0A6-DECBED69CC00" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125410:*:*:*:*:*:*", + "matchCriteriaId": "8CD6EB21-3DC6-47A7-939A-AA3C8EFE278F" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125429:*:*:*:*:*:*", - "matchCriteriaId": "320CF852-7992-4B4E-9A0F-781B9BCB9682" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125429:*:*:*:*:*:*", + "matchCriteriaId": "3A5911F7-7A45-499D-B345-D9C082932BBA" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125447:*:*:*:*:*:*", - "matchCriteriaId": "5E8739CE-EE06-4647-B990-6BD3015C749E" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125447:*:*:*:*:*:*", + "matchCriteriaId": "CBBD7A90-4F97-4DFD-B8E6-F24A9B72A1C0" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125459:*:*:*:*:*:*", - "matchCriteriaId": "23EABC30-F5A7-4C57-9E99-0D9FD4FE348B" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125459:*:*:*:*:*:*", + "matchCriteriaId": "87C6DCE0-5F40-4F50-8538-29CFF2DCC9EA" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125464:*:*:*:*:*:*", - "matchCriteriaId": "C0C2A2B6-AE8E-440D-AD6F-30D39628ACF6" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125464:*:*:*:*:*:*", + "matchCriteriaId": "BECA9FA7-887B-4ECC-AA23-F75F96E42CB3" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125467:*:*:*:*:*:*", - "matchCriteriaId": "055C08CF-FA88-4F9A-8497-D1E30F230974" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125467:*:*:*:*:*:*", + "matchCriteriaId": "CFD6D448-337E-4A63-8BE2-4DFC50AE7413" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125475:*:*:*:*:*:*", - "matchCriteriaId": "58D72BC2-3A24-4A0C-B786-AA5AFBF0FB44" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125475:*:*:*:*:*:*", + "matchCriteriaId": "33F2625D-0750-4ED1-8BA7-8141D8B7FB01" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125482:*:*:*:*:*:*", - "matchCriteriaId": "D4A7BAEA-0A18-447E-8916-BF2CE346C547" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125482:*:*:*:*:*:*", + "matchCriteriaId": "A7D6DD58-62F3-4727-9AC1-E6B5EA71BB89" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125483:*:*:*:*:*:*", - "matchCriteriaId": "19EDE825-5C3E-45F7-9442-3CDD6598B3CB" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125483:*:*:*:*:*:*", + "matchCriteriaId": "33991587-174F-48D9-821D-BF44CF24924D" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125484:*:*:*:*:*:*", - "matchCriteriaId": "4D4992E6-20A1-480D-B298-92051FF1BBC6" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125484:*:*:*:*:*:*", + "matchCriteriaId": "18B8D15F-0286-4D64-96F8-D213E241813E" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125485:*:*:*:*:*:*", - "matchCriteriaId": "734775AF-3F12-433A-88A4-076E2C455E38" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125485:*:*:*:*:*:*", + "matchCriteriaId": "EB8483C1-6586-4936-8BF8-ECE3F0F4D5F5" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125488:*:*:*:*:*:*", - "matchCriteriaId": "44E9F06E-70E5-478E-A3DE-8075702E3C9A" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125488:*:*:*:*:*:*", + "matchCriteriaId": "A9318551-C41F-46E9-A196-5C01EAE276F4" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125490:*:*:*:*:*:*", - "matchCriteriaId": "CD4ADCDD-CCED-411F-8ABD-EC8D7FF5A68C" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125490:*:*:*:*:*:*", + "matchCriteriaId": "5030E129-0401-457B-B4FB-974AD5A0A948" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125557:*:*:*:*:*:*", - "matchCriteriaId": "A0388345-3D48-431A-943C-1253390DBCA0" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125557:*:*:*:*:*:*", + "matchCriteriaId": "74DAFF5A-7090-427F-A69E-2E90456485C1" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125568:*:*:*:*:*:*", - "matchCriteriaId": "07F84F1A-339A-4B1B-B56F-0E0203B6812B" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125568:*:*:*:*:*:*", + "matchCriteriaId": "8EB26A23-108E-4F39-84E3-2F1C197C8CE2" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125582:*:*:*:*:*:*", - "matchCriteriaId": "BB58C766-6CA2-4930-9F27-75254CE8F95D" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125582:*:*:*:*:*:*", + "matchCriteriaId": "DF57D557-B1B9-4B2E-81A5-B23C1A8521E1" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125605:*:*:*:*:*:*", - "matchCriteriaId": "008D2D83-A58C-4A8B-ADE6-2DDB2C36EF14" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125605:*:*:*:*:*:*", + "matchCriteriaId": "E37E20B2-B678-45C1-9EF9-7D65172B485F" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125606:*:*:*:*:*:*", - "matchCriteriaId": "61C0A921-BAD3-442E-B909-221BE098FF11" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125606:*:*:*:*:*:*", + "matchCriteriaId": "722042FB-CFE5-4DE8-A196-65D2E035378F" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125615:*:*:*:*:*:*", - "matchCriteriaId": "78D444BD-A77B-463F-AD78-C60F17277CF5" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125615:*:*:*:*:*:*", + "matchCriteriaId": "17CC4F0C-E69E-4FA5-8119-D71AD9C13E63" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.5:125621:*:*:*:*:*:*", - "matchCriteriaId": "66E00B7A-C13E-4167-BC20-94030CA233D6" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125621:*:*:*:*:*:*", + "matchCriteriaId": "B8DA03F6-8EF8-48E1-B4CF-A2B0CB6F1DEC" } ] }, @@ -3436,34 +3436,34 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:*:*:*:*:*:*:*:*", "versionEndExcluding": "12.7", - "matchCriteriaId": "849FF199-6118-498E-96E6-9B9B1A706A42" + "matchCriteriaId": "50FB7952-0CED-4A64-A435-D588CA661630" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.7:127000:*:*:*:*:*:*", - "matchCriteriaId": "FF4B16FE-95B5-4D49-A066-41D239F3B80D" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127000:*:*:*:*:*:*", + "matchCriteriaId": "8343B084-2009-44F2-B36C-C66719BBB1FB" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.7:127101:*:*:*:*:*:*", - "matchCriteriaId": "A81A5A28-A782-480B-92C8-EBC27A0050B8" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127101:*:*:*:*:*:*", + "matchCriteriaId": "2574DD71-36A4-47AE-ABC3-D05D36FF8F02" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.7:127130:*:*:*:*:*:*", - "matchCriteriaId": "2E24FA92-7F4F-476A-942A-1148615FBAE6" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127130:*:*:*:*:*:*", + "matchCriteriaId": "B9D787C9-F37B-4193-A34F-080F7410BFA7" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.7:127131:*:*:*:*:*:*", - "matchCriteriaId": "5073495C-570D-4A4E-AD0D-DFEB5E2FDA73" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127131:*:*:*:*:*:*", + "matchCriteriaId": "55FB4705-D709-42F0-A562-6C5A05E00EAE" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyser:12.7:127187:*:*:*:*:*:*", - "matchCriteriaId": "DBF0377D-A9D0-4F4A-B3F7-7C8554564024" + "criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127187:*:*:*:*:*:*", + "matchCriteriaId": "4503E624-DC7F-4C5E-B715-0EC4676CA1ED" } ] }, @@ -3489,9 +3489,284 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyser:*:*:*:*:*:*:*:*", - "versionEndIncluding": "12.5.615", - "matchCriteriaId": "C310031E-B908-43FC-B718-356F23A6014C" + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:*:*:*:*:*:*:*:*", + "versionEndExcluding": "12.5", + "matchCriteriaId": "340D8561-6110-49D8-BCDC-78A762FCD3E6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125000:*:*:*:*:*:*", + "matchCriteriaId": "C61E9B3D-A39D-428E-A82F-5C4C225906C9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125108:*:*:*:*:*:*", + "matchCriteriaId": "423D3372-F910-4006-9FE8-49A6B730AEBE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125109:*:*:*:*:*:*", + "matchCriteriaId": "02B0ED3C-4729-4C70-8F06-6B507ED75BEC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125115:*:*:*:*:*:*", + "matchCriteriaId": "3CE0B4B2-CC4C-4F0F-B97E-A90C84377989" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125120:*:*:*:*:*:*", + "matchCriteriaId": "DC2E4C62-9867-4D14-85B3-95F359BD0551" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125122:*:*:*:*:*:*", + "matchCriteriaId": "5042AD90-4DF1-4A5A-9317-017102515284" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125125:*:*:*:*:*:*", + "matchCriteriaId": "356A4F91-FA5B-4A09-841E-A380F580BA88" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125129:*:*:*:*:*:*", + "matchCriteriaId": "CBBDC611-498B-4175-9A88-5914ED6D3A9E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125141:*:*:*:*:*:*", + "matchCriteriaId": "10F3C9AD-9C1B-4FBD-8325-B56FCF96FFE8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125149:*:*:*:*:*:*", + "matchCriteriaId": "F4EE5C24-C4AE-4F9D-B808-8930102A1389" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125160:*:*:*:*:*:*", + "matchCriteriaId": "E0F45A48-5006-4748-B683-6C7CB469286A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125179:*:*:*:*:*:*", + "matchCriteriaId": "9796C62A-8FCA-4E1E-855E-7D67F77C9AD7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125180:*:*:*:*:*:*", + "matchCriteriaId": "1A1AC2FD-91BA-4B78-BB14-B9F2CEB09071" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125200:*:*:*:*:*:*", + "matchCriteriaId": "A4B99FDC-EC68-4006-B359-E845AEF72FA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125212:*:*:*:*:*:*", + "matchCriteriaId": "240A8575-F963-4DB4-B9C6-BE584A2F8271" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125213:*:*:*:*:*:*", + "matchCriteriaId": "B97F1BEE-F3C0-4DDD-B767-23C4BE9054AA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125217:*:*:*:*:*:*", + "matchCriteriaId": "3B3482FA-9483-4EC7-9B09-E1BB63F02790" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125232:*:*:*:*:*:*", + "matchCriteriaId": "2600FBC5-8358-4126-88F2-00F3BEE9B537" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125323:*:*:*:*:*:*", + "matchCriteriaId": "FDD47CB0-3680-4ED9-821C-B673EACB953D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125329:*:*:*:*:*:*", + "matchCriteriaId": "D27B76C3-B8C8-48A6-AEF3-E9145B57EDA5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125357:*:*:*:*:*:*", + "matchCriteriaId": "6D77C576-035E-403B-A2B3-992496FAD202" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125362:*:*:*:*:*:*", + "matchCriteriaId": "70608921-F02A-4121-BE90-919DD68DD0D0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125376:*:*:*:*:*:*", + "matchCriteriaId": "93C50660-6ECF-4353-A15A-4F7B0F06D33A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125381:*:*:*:*:*:*", + "matchCriteriaId": "06D8864A-E6CC-4742-A2CF-B060E8DFA740" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125393:*:*:*:*:*:*", + "matchCriteriaId": "D2572B3B-3BC4-4A83-92D5-8D7579821F4B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125399:*:*:*:*:*:*", + "matchCriteriaId": "0DD78F90-5231-4848-8971-9AB5ABBD2C33" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125412:*:*:*:*:*:*", + "matchCriteriaId": "7C94C142-168F-421C-B00B-3F42AA1CC9D3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125429:*:*:*:*:*:*", + "matchCriteriaId": "77CE4835-6540-4CF6-A31C-255DA52BB073" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125447:*:*:*:*:*:*", + "matchCriteriaId": "E0544AE8-92B3-43A7-8F42-299AED1A40CC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125450:*:*:*:*:*:*", + "matchCriteriaId": "BEC805D2-CFDC-40DE-AA70-42A91461BEE6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125451:*:*:*:*:*:*", + "matchCriteriaId": "4767BF5A-B867-44BB-B152-E2AFA63B06D2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125452:*:*:*:*:*:*", + "matchCriteriaId": "5855C471-07AB-4A96-9631-26C6C8B01F67" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125453:*:*:*:*:*:*", + "matchCriteriaId": "5075910F-3676-439A-879A-5CBE2C734347" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125455:*:*:*:*:*:*", + "matchCriteriaId": "20808F91-7F08-4BA9-9075-C54337EC68E5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125456:*:*:*:*:*:*", + "matchCriteriaId": "C700CE3B-31B5-4B4D-A378-70EC26D6F88B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125459:*:*:*:*:*:*", + "matchCriteriaId": "A05AFF4D-4EF9-4939-81CC-0AB55DA596F1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125464:*:*:*:*:*:*", + "matchCriteriaId": "86C3E31F-87E2-459F-8D1B-C6D1A237960D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125467:*:*:*:*:*:*", + "matchCriteriaId": "A3E7FC26-0000-4D4B-B489-DF0E2CD2B13C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125469:*:*:*:*:*:*", + "matchCriteriaId": "13E6E0F9-9D03-4665-9C89-6BE62ADCB39C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125471:*:*:*:*:*:*", + "matchCriteriaId": "0DE52003-E959-420F-89A1-C86D8FB12DBF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125476:*:*:*:*:*:*", + "matchCriteriaId": "6E9C9051-7FDE-4DEE-85DC-0798524DC17A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125482:*:*:*:*:*:*", + "matchCriteriaId": "5BE3598F-CEB4-4553-BB50-AA778BBF8BDF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125483:*:*:*:*:*:*", + "matchCriteriaId": "4C71852D-D529-469A-9111-6D4DB8381BD9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125484:*:*:*:*:*:*", + "matchCriteriaId": "EC3F7DA9-3FBF-4D67-8BA5-2643E706F64F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125485:*:*:*:*:*:*", + "matchCriteriaId": "53E2DF01-9A39-4E50-BEDE-D49988CE5CBD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125488:*:*:*:*:*:*", + "matchCriteriaId": "0015664D-11BC-4DEE-BC5B-DB3D1FE8DF82" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125490:*:*:*:*:*:*", + "matchCriteriaId": "8B49F887-4574-4B3C-A8A7-57F75B27447F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125557:*:*:*:*:*:*", + "matchCriteriaId": "C1E93E4D-0E54-41DF-843A-E8AE94EAD0BB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125566:*:*:*:*:*:*", + "matchCriteriaId": "1617ADAD-2E13-4910-B600-3EC7E59B087C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125568:*:*:*:*:*:*", + "matchCriteriaId": "4E7B4955-F688-47DE-B1FF-D417EBDFF9C5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125582:*:*:*:*:*:*", + "matchCriteriaId": "5F982932-5513-411A-9CBF-3082C7ECEF0A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125584:*:*:*:*:*:*", + "matchCriteriaId": "0B5378E9-D011-4B12-8DEE-442F22789C08" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125585:*:*:*:*:*:*", + "matchCriteriaId": "8232CBA1-55DA-4F3C-A9E5-A204A25231C5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125606:*:*:*:*:*:*", + "matchCriteriaId": "253569A5-4A2E-4163-88DC-C0FE6B79E06E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125615:*:*:*:*:*:*", + "matchCriteriaId": "A30281F3-4DE2-4ED3-91A7-AE7A091C31E1" } ] }, @@ -3517,9 +3792,39 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyser:*:*:*:*:*:*:*:*", - "versionEndIncluding": "12.7.187", - "matchCriteriaId": "DBD4D4E5-1C92-449E-A4D0-2B301DDC326D" + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:*:*:*:*:*:*:*:*", + "versionEndExcluding": "12.7", + "matchCriteriaId": "9222E54C-0A7C-4828-9917-7CFD7EE8BC59" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127000:*:*:*:*:*:*", + "matchCriteriaId": "85778DB3-87D9-4C6A-9149-C58C45913268" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127003:*:*:*:*:*:*", + "matchCriteriaId": "3973EC75-A70A-475A-82BB-409992F09392" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127101:*:*:*:*:*:*", + "matchCriteriaId": "14537D55-3ABE-423C-B320-6811292620AE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127130:*:*:*:*:*:*", + "matchCriteriaId": "FCB0BDE0-5BD3-4315-A74B-D7065ABC91BA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127131:*:*:*:*:*:*", + "matchCriteriaId": "3E850CF4-9078-4E43-A87C-8323536E8CD6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127187:*:*:*:*:*:*", + "matchCriteriaId": "EC407852-45B1-47F4-A886-AF8B473A86D5" } ] }, @@ -3545,284 +3850,284 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:*:*:*:*:*:*:*:*", "versionEndExcluding": "12.5", - "matchCriteriaId": "AE4063D8-6A0A-4E09-B9FE-CAF98FBC9ADC" + "matchCriteriaId": "DCB0C7A9-5511-4AC9-B5E4-74AAE6973E34" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125000:*:*:*:*:*:*", - "matchCriteriaId": "0FCEA2E9-5FD7-4AD0-AEBF-BBAA9CC7A146" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125000:*:*:*:*:*:*", + "matchCriteriaId": "BDA5DDA4-A67C-4370-B41D-02755FCF1F6C" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125108:*:*:*:*:*:*", - "matchCriteriaId": "D16E2919-019C-41DB-9B8C-0F9647712D6A" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125108:*:*:*:*:*:*", + "matchCriteriaId": "3D99CD97-1D6B-4C67-A909-E1CE28A78E10" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125112:*:*:*:*:*:*", - "matchCriteriaId": "850DB76B-483D-4DE7-A50E-9F6221503D83" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125112:*:*:*:*:*:*", + "matchCriteriaId": "70FEC14F-A53C-437C-981A-214B867142E8" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125115:*:*:*:*:*:*", - "matchCriteriaId": "B7348D89-ACDF-440B-9A92-33A0AFD859EE" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125115:*:*:*:*:*:*", + "matchCriteriaId": "895E57EA-A8F6-425B-9D08-654E03B92B30" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125116:*:*:*:*:*:*", - "matchCriteriaId": "93C2CF84-105D-4C82-9ECE-3AB44BC5DFF7" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125116:*:*:*:*:*:*", + "matchCriteriaId": "9EE0C771-B2F6-4766-82FD-203967CE37D7" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125120:*:*:*:*:*:*", - "matchCriteriaId": "7CD181F6-9A48-416D-9D00-2795B5A05168" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125120:*:*:*:*:*:*", + "matchCriteriaId": "0DCD6102-19F7-42D2-A81B-C85824CA351D" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125121:*:*:*:*:*:*", - "matchCriteriaId": "3C63FBDA-2D6D-4025-A3EB-E579FA45C2FB" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125121:*:*:*:*:*:*", + "matchCriteriaId": "3C2C0A08-66BF-4FDC-A209-769234438844" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125125:*:*:*:*:*:*", - "matchCriteriaId": "2463CB90-E469-4CAB-B888-8012642B8B29" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125125:*:*:*:*:*:*", + "matchCriteriaId": "8DDC3649-12A9-41F3-A27D-646B5DF05E93" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125129:*:*:*:*:*:*", - "matchCriteriaId": "F562157D-72FF-4340-A4BA-9EAF613CB9D9" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125129:*:*:*:*:*:*", + "matchCriteriaId": "4F037A2A-4B9A-4EBC-94E2-87502960FF20" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125136:*:*:*:*:*:*", - "matchCriteriaId": "157C245E-2361-425E-9F29-D5C6617064B4" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125136:*:*:*:*:*:*", + "matchCriteriaId": "B15E99A3-989F-4EFD-BA26-DEC6992BD1CD" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125142:*:*:*:*:*:*", - "matchCriteriaId": "84BDE6F2-089C-49B1-A79E-57E31991E225" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125142:*:*:*:*:*:*", + "matchCriteriaId": "B85BF117-503B-435F-8667-481D9AC7A788" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125149:*:*:*:*:*:*", - "matchCriteriaId": "00CD4BD9-4FF8-40B0-AFF9-90DB14BDE338" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125149:*:*:*:*:*:*", + "matchCriteriaId": "3AC2A038-F59B-4137-B02F-4C26E2EB9152" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125180:*:*:*:*:*:*", - "matchCriteriaId": "D6BAAB19-C5E6-4374-B022-7A0018DC847B" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125180:*:*:*:*:*:*", + "matchCriteriaId": "F605C78F-8BE4-4E02-A7FB-CA9D24AFE7E5" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125195:*:*:*:*:*:*", - "matchCriteriaId": "99A7F7B5-E87A-4E15-B486-5DBFF5A8364F" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125195:*:*:*:*:*:*", + "matchCriteriaId": "15557A07-E0E9-40DB-B013-0F4AD9556BD6" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125199:*:*:*:*:*:*", - "matchCriteriaId": "3EE4586E-E7F2-499C-8ABB-B864B76B9692" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125199:*:*:*:*:*:*", + "matchCriteriaId": "79082C84-9F25-4A63-86AF-18CC4ADF71CE" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125212:*:*:*:*:*:*", - "matchCriteriaId": "CB4DE2B2-DC55-41B8-AE41-9BDE3BFC94E1" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125212:*:*:*:*:*:*", + "matchCriteriaId": "A88678CE-DB64-4D66-8F2A-3C60058DC5CF" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125213:*:*:*:*:*:*", - "matchCriteriaId": "C512579F-0A38-4D11-84BB-CEE659402E62" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125213:*:*:*:*:*:*", + "matchCriteriaId": "88009BAC-1ECF-4BA3-855F-96C8789E476E" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125216:*:*:*:*:*:*", - "matchCriteriaId": "998010DF-00AF-4350-87DB-1B47151A69CD" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125216:*:*:*:*:*:*", + "matchCriteriaId": "E64F7B54-6B09-4B7E-B2AB-5EA73FD8E0AF" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125228:*:*:*:*:*:*", - "matchCriteriaId": "AE16F952-8D85-403C-B597-B0C36C0E0248" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125228:*:*:*:*:*:*", + "matchCriteriaId": "2B94DFD2-374C-47A9-9D54-3FDB63197FFA" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125232:*:*:*:*:*:*", - "matchCriteriaId": "B5CAC312-4389-41BE-AD48-A42CC29B75D2" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125232:*:*:*:*:*:*", + "matchCriteriaId": "9B0330D9-1276-4228-BA7E-B9E3B828E5AE" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125233:*:*:*:*:*:*", - "matchCriteriaId": "5A4703E2-932E-487D-A97C-D750587E2CBC" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125233:*:*:*:*:*:*", + "matchCriteriaId": "89736956-D05D-437B-BC7A-850AA459C123" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125234:*:*:*:*:*:*", - "matchCriteriaId": "1D589D4A-50F4-4A21-B9AC-EBC168C3A24F" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125234:*:*:*:*:*:*", + "matchCriteriaId": "63B26424-7292-4F37-B86F-2A4E0AD32B85" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125323:*:*:*:*:*:*", - "matchCriteriaId": "6EF17749-7CE6-47D0-9EBD-395B0F264F9F" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125323:*:*:*:*:*:*", + "matchCriteriaId": "2D2629FB-0A83-43CC-8C83-444036D05F7D" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125325:*:*:*:*:*:*", - "matchCriteriaId": "8CBE6AF5-2696-4764-93A4-9F1975A2576D" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125325:*:*:*:*:*:*", + "matchCriteriaId": "4CFD99D1-CB43-437B-8E7D-6712DA5C9835" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125327:*:*:*:*:*:*", - "matchCriteriaId": "EB826105-B3B4-485E-8ECE-FF65A2E6DE22" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125327:*:*:*:*:*:*", + "matchCriteriaId": "6FEBA58F-E5B4-4B91-B78F-620C6EB9D3BB" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125329:*:*:*:*:*:*", - "matchCriteriaId": "324FC485-0E86-4A0C-92D0-FC819E90BED1" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125329:*:*:*:*:*:*", + "matchCriteriaId": "F9F9D406-FE99-45C0-B1C0-4DEB5E843FE5" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125343:*:*:*:*:*:*", - "matchCriteriaId": "60F6F740-BF22-40C3-A04D-BA505A64E51F" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125343:*:*:*:*:*:*", + "matchCriteriaId": "F4B86974-C598-4E1A-9FF0-5AF9638C1AD0" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125345:*:*:*:*:*:*", - "matchCriteriaId": "00AD5848-E8E9-47F4-A493-60E3B5EB782D" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125345:*:*:*:*:*:*", + "matchCriteriaId": "C2838623-6F3F-417A-A644-FA226CCD8BB5" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125358:*:*:*:*:*:*", - "matchCriteriaId": "C317D1EF-68DF-4323-B8DB-BB4E0B39B8F2" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125358:*:*:*:*:*:*", + "matchCriteriaId": "454EDD2A-E79A-4D46-B841-BE5EC12C63D5" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125362:*:*:*:*:*:*", - "matchCriteriaId": "3A45303B-3B16-481F-9AD0-822B3836E113" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125362:*:*:*:*:*:*", + "matchCriteriaId": "1557A740-D19D-4220-9B3E-395EFCB86F9D" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125363:*:*:*:*:*:*", - "matchCriteriaId": "22698A54-7CEE-4D6D-AA96-A451D499F2F2" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125363:*:*:*:*:*:*", + "matchCriteriaId": "9C7DB404-A5C7-4EDB-BCB2-079A41E31428" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125378:*:*:*:*:*:*", - "matchCriteriaId": "AC0370F6-E6C8-4EFC-8D27-1804F89E7EA8" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125378:*:*:*:*:*:*", + "matchCriteriaId": "B738952C-DE7B-4C3D-85B9-ADBEDF007AFD" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125392:*:*:*:*:*:*", - "matchCriteriaId": "CDFD2302-BD41-462A-8101-436861AABC9C" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125392:*:*:*:*:*:*", + "matchCriteriaId": "897D140C-20FF-454D-8928-B11FFC84C016" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125399:*:*:*:*:*:*", - "matchCriteriaId": "012A6FFF-4258-403A-8F18-4248D51BF861" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125399:*:*:*:*:*:*", + "matchCriteriaId": "18F93D7C-E8FC-4D4C-AEA0-C1187FB6D9D3" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125417:*:*:*:*:*:*", - "matchCriteriaId": "C39EFD71-C561-4D8B-9001-AD2C87F041AC" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125417:*:*:*:*:*:*", + "matchCriteriaId": "2E799367-7DC7-478D-948A-17D717507DC0" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125445:*:*:*:*:*:*", - "matchCriteriaId": "731AD336-BBEB-464D-AB8E-4BE172C79811" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125445:*:*:*:*:*:*", + "matchCriteriaId": "74A5591E-75A4-4ACA-9C34-4907D645AA88" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125459:*:*:*:*:*:*", - "matchCriteriaId": "D1BDD55A-F97B-4866-9DFA-AB95057C887B" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125459:*:*:*:*:*:*", + "matchCriteriaId": "0C67D5FC-5965-4AC1-80A5-931BE60B5E86" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125465:*:*:*:*:*:*", - "matchCriteriaId": "21965094-73FA-483A-B03E-187F7D4E2C16" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125465:*:*:*:*:*:*", + "matchCriteriaId": "139E25D9-A4C8-4041-ADF7-4618DFEEE8C7" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125469:*:*:*:*:*:*", - "matchCriteriaId": "42F92EAC-33E2-4678-8CF9-36D9217E46BE" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125469:*:*:*:*:*:*", + "matchCriteriaId": "6A65F3F7-45D3-49EB-9784-1F13FA2CBB0C" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125471:*:*:*:*:*:*", - "matchCriteriaId": "BA9628F5-6186-4987-9450-B07F653E5076" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125471:*:*:*:*:*:*", + "matchCriteriaId": "3795D2DE-622F-4C82-B133-0993A01AC1FB" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125475:*:*:*:*:*:*", - "matchCriteriaId": "364A640D-4687-49EB-986B-D879C25343BE" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125475:*:*:*:*:*:*", + "matchCriteriaId": "C0DB9896-BC25-46E3-AA6F-496A442BE525" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125482:*:*:*:*:*:*", - "matchCriteriaId": "A147B5DF-81CA-4B85-A664-862F60F0D600" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125482:*:*:*:*:*:*", + "matchCriteriaId": "CE56A949-74AC-4138-8AD3-31F5763860EF" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125483:*:*:*:*:*:*", - "matchCriteriaId": "02149336-D2FE-4108-844F-505F46F502FE" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125483:*:*:*:*:*:*", + "matchCriteriaId": "4A3DB867-FD46-46EB-AEF0-2B6E79371AF6" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125485:*:*:*:*:*:*", - "matchCriteriaId": "8B35108F-9A60-48A7-B43F-B7D83343C7D2" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125485:*:*:*:*:*:*", + "matchCriteriaId": "7881FBB4-AC09-4EB9-B02F-3EA19237E095" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125488:*:*:*:*:*:*", - "matchCriteriaId": "899BD390-A9CE-400E-9981-EF2591250903" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125488:*:*:*:*:*:*", + "matchCriteriaId": "F391E432-98B8-4D97-8AD4-FB1A84FAF774" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125490:*:*:*:*:*:*", - "matchCriteriaId": "1010450D-F1F2-4415-B3C0-4D2B130A87CA" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125490:*:*:*:*:*:*", + "matchCriteriaId": "61D908B2-446E-48EC-9F6B-91E8BF0F6A38" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125565:*:*:*:*:*:*", - "matchCriteriaId": "ED16F27F-12E5-4289-B81C-72550B673B81" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125565:*:*:*:*:*:*", + "matchCriteriaId": "FD5F28B0-580E-4CD4-917A-496D35AD271A" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125568:*:*:*:*:*:*", - "matchCriteriaId": "529086AF-491F-44BC-A842-7F8CC16F44A7" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125568:*:*:*:*:*:*", + "matchCriteriaId": "F0FC96AA-F2F4-4C35-8BF7-6318A2F624A0" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125583:*:*:*:*:*:*", - "matchCriteriaId": "32D39EEC-BC8D-4985-A3C5-D2CB84156890" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125583:*:*:*:*:*:*", + "matchCriteriaId": "6EA008F1-4E47-4753-8506-769B29AB5BA5" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125584:*:*:*:*:*:*", - "matchCriteriaId": "3CC90A42-E555-43AF-9217-ACC5730308D0" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125584:*:*:*:*:*:*", + "matchCriteriaId": "7ED68CDE-1096-4490-8E6B-78F4AC2BB729" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125598:*:*:*:*:*:*", - "matchCriteriaId": "8704ADD0-87BA-486B-BE71-7BD843B08A77" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125598:*:*:*:*:*:*", + "matchCriteriaId": "34F8D9B7-3BD7-44C0-A292-162928729F36" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125606:*:*:*:*:*:*", - "matchCriteriaId": "230D7573-498D-4428-9A7A-23285E3581D3" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125606:*:*:*:*:*:*", + "matchCriteriaId": "ADFB3155-72F3-4DFA-BAE1-5725A40E6C8B" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125612:*:*:*:*:*:*", - "matchCriteriaId": "A6AC540B-F662-4A38-B144-C56954682841" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125612:*:*:*:*:*:*", + "matchCriteriaId": "7446678C-E2DB-4EA2-BC9B-430C8EC7804B" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125615:*:*:*:*:*:*", - "matchCriteriaId": "A0A6F7BD-0806-4848-A050-D9DE0F27EB2D" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125615:*:*:*:*:*:*", + "matchCriteriaId": "33C57314-5503-48BD-9ED2-D76517C9C0F0" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.5:build125617:*:*:*:*:*:*", - "matchCriteriaId": "561E7540-F3AA-47A1-BE89-970E6BD718A5" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125617:*:*:*:*:*:*", + "matchCriteriaId": "AC201C68-2C1D-4E75-9443-C5F853A37AB0" } ] }, @@ -3848,29 +4153,29 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:*:*:*:*:*:*:*:*", "versionEndExcluding": "12.7", - "matchCriteriaId": "C1E8C4A2-7339-4ABE-9EDD-1DB74CA72F1B" + "matchCriteriaId": "D6628EB7-96F6-48E3-8018-8F569972B811" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.7:build127000:*:*:*:*:*:*", - "matchCriteriaId": "0DBFA2EE-AECD-4070-9CF3-719BBD1CD1EF" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127000:*:*:*:*:*:*", + "matchCriteriaId": "B64ADEEB-502D-4588-BD80-156124437AEB" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.7:build127102:*:*:*:*:*:*", - "matchCriteriaId": "48F93778-6271-4B23-8BC0-7920D5930172" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127102:*:*:*:*:*:*", + "matchCriteriaId": "2306C5F3-5413-4240-BAB6-E55849063A72" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.7:build127105:*:*:*:*:*:*", - "matchCriteriaId": "2326B97B-7ECD-4144-97A9-84F951333C5F" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127105:*:*:*:*:*:*", + "matchCriteriaId": "87F97A9E-2AB3-4121-B5A7-0AA25780D336" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:network_configuration_manager:12.7:build127132:*:*:*:*:*:*", - "matchCriteriaId": "C0FD619F-F162-48E3-A168-64E0B79EE11C" + "criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127132:*:*:*:*:*:*", + "matchCriteriaId": "AD049643-9546-4D39-BD26-79661205C110" } ] }, diff --git a/CVE-2023/CVE-2023-62xx/CVE-2023-6228.json b/CVE-2023/CVE-2023-62xx/CVE-2023-6228.json index 392a9b5827c..6a5463e94c0 100644 --- a/CVE-2023/CVE-2023-62xx/CVE-2023-6228.json +++ b/CVE-2023/CVE-2023-62xx/CVE-2023-6228.json @@ -2,16 +2,40 @@ "id": "CVE-2023-6228", "sourceIdentifier": "secalert@redhat.com", "published": "2023-12-18T14:15:11.840", - "lastModified": "2023-12-18T15:04:28.363", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T18:19:14.730", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow leads to an application crash." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 un problema en la utilidad tiffcp distribuida por el paquete libtiff donde un archivo TIFF manipulado durante el procesamiento puede provocar un desbordamiento de b\u00fafer de almacenamiento din\u00e1mico y provocar un bloqueo de la aplicaci\u00f3n." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -46,14 +80,65 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:libtiff:libtiff:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2FFD25C1-A304-486F-A36B-7167EEF33388" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", + "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", + "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D" + } + ] + } + ] + } + ], "references": [ { "url": "https://access.redhat.com/security/cve/CVE-2023-6228", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240995", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-63xx/CVE-2023-6305.json b/CVE-2023/CVE-2023-63xx/CVE-2023-6305.json index 49bb908abc1..2a09a1f7f25 100644 --- a/CVE-2023/CVE-2023-63xx/CVE-2023-6305.json +++ b/CVE-2023/CVE-2023-63xx/CVE-2023-6305.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6305", "sourceIdentifier": "cna@vuldb.com", "published": "2023-11-27T01:15:07.463", - "lastModified": "2023-11-30T05:22:45.997", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-28T18:55:36.773", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -104,8 +104,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:mayuri_k:free_and_open_source_inventory_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "4A505CD8-96F0-4C93-AFB6-DCC534B5BC45" + "criteria": "cpe:2.3:a:mayurik:free_and_open_source_inventory_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D414DE2C-F2F3-4159-9D7F-A81930652C97" } ] } diff --git a/CVE-2023/CVE-2023-63xx/CVE-2023-6306.json b/CVE-2023/CVE-2023-63xx/CVE-2023-6306.json index 2c9d4966a0b..ad4eccca4d6 100644 --- a/CVE-2023/CVE-2023-63xx/CVE-2023-6306.json +++ b/CVE-2023/CVE-2023-63xx/CVE-2023-6306.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6306", "sourceIdentifier": "cna@vuldb.com", "published": "2023-11-27T02:15:42.133", - "lastModified": "2023-11-30T05:17:21.207", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-28T18:55:28.227", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -104,8 +104,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:mayuri_k:free_and_open_source_inventory_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "4A505CD8-96F0-4C93-AFB6-DCC534B5BC45" + "criteria": "cpe:2.3:a:mayurik:free_and_open_source_inventory_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D414DE2C-F2F3-4159-9D7F-A81930652C97" } ] } diff --git a/CVE-2023/CVE-2023-66xx/CVE-2023-6691.json b/CVE-2023/CVE-2023-66xx/CVE-2023-6691.json index b7c7598c9fe..9cb449873d9 100644 --- a/CVE-2023/CVE-2023-66xx/CVE-2023-6691.json +++ b/CVE-2023/CVE-2023-66xx/CVE-2023-6691.json @@ -2,16 +2,40 @@ "id": "CVE-2023-6691", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2023-12-18T18:15:08.120", - "lastModified": "2023-12-18T19:05:45.340", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T18:28:00.493", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "\nCambium ePMP Force 300-25 version 4.7.0.1 is vulnerable to a code injection vulnerability that could allow an attacker to perform remote code execution and gain root privileges.\n\n\n\n\n" + }, + { + "lang": "es", + "value": "Cambium ePMP Force 300-25 versi\u00f3n 4.7.0.1 es afectado por una vulnerabilidad de inyecci\u00f3n de c\u00f3digo que podr\u00eda permitir a un atacante realizar la ejecuci\u00f3n remota de c\u00f3digo y obtener privilegios de root." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "ics-cert@hq.dhs.gov", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + }, { "source": "ics-cert@hq.dhs.gov", "type": "Secondary", @@ -46,10 +80,43 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:cambiumnetworks:epmp_force_300-25_firmware:4.7.0.1:*:*:*:*:*:*:*", + "matchCriteriaId": "032C677B-1B5C-4F88-B3E5-720345A324A9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:cambiumnetworks:epmp_force_300-25:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6DF85E46-C4D2-4733-8E50-F11973BF1AA6" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-01", - "source": "ics-cert@hq.dhs.gov" + "source": "ics-cert@hq.dhs.gov", + "tags": [ + "Third Party Advisory", + "US Government Resource" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-67xx/CVE-2023-6730.json b/CVE-2023/CVE-2023-67xx/CVE-2023-6730.json index a968a271d46..72718d5afe8 100644 --- a/CVE-2023/CVE-2023-67xx/CVE-2023-6730.json +++ b/CVE-2023/CVE-2023-67xx/CVE-2023-6730.json @@ -2,15 +2,41 @@ "id": "CVE-2023-6730", "sourceIdentifier": "security@huntr.dev", "published": "2023-12-19T13:15:43.380", - "lastModified": "2023-12-19T13:42:12.823", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T17:15:33.537", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36." + }, + { + "lang": "es", + "value": "Deserializaci\u00f3n de datos que no son de confianza en el repositorio de GitHub huggingface/transformers anteriores a 4.36." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -46,14 +72,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:huggingface:transformers:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.36.0", + "matchCriteriaId": "A7A810D1-9219-4534-83E2-F3FC5402E521" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/huggingface/transformers/commit/1d63b0ec361e7a38f1339385e8a5a855085532ce", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.com/bounties/423611ee-7a2a-442a-babb-3ed2f8385c16", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6931.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6931.json index 17c7ceebab8..5e3e05b4cc3 100644 --- a/CVE-2023/CVE-2023-69xx/CVE-2023-6931.json +++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6931.json @@ -2,16 +2,40 @@ "id": "CVE-2023-6931", "sourceIdentifier": "cve-coordination@google.com", "published": "2023-12-19T14:15:08.277", - "lastModified": "2023-12-19T14:49:49.807", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T17:00:59.893", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation.\n\nA perf_event's read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group().\n\nWe recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.\n\n" + }, + { + "lang": "es", + "value": "Se puede aprovechar una vulnerabilidad de escritura fuera de los l\u00edmites en la pila en el componente del sistema Performance Events del kernel de Linux para lograr una escalada de privilegios local. El read_size de un perf_event puede desbordarse, lo que lleva a un incremento o escritura fuera de los l\u00edmites en la pila en perf_read_group(). Recomendamos actualizar al commit anterior 382c27f4ed28f803b1f1473ac2d8db0afc795a1b." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "cve-coordination@google.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + }, { "source": "cve-coordination@google.com", "type": "Secondary", @@ -46,14 +80,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.3", + "versionEndExcluding": "6.7", + "matchCriteriaId": "964481AD-5E32-43FB-942E-583634AEA4AA" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=382c27f4ed28f803b1f1473ac2d8db0afc795a1b", - "source": "cve-coordination@google.com" + "source": "cve-coordination@google.com", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://kernel.dance/382c27f4ed28f803b1f1473ac2d8db0afc795a1b", - "source": "cve-coordination@google.com" + "source": "cve-coordination@google.com", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6932.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6932.json index de79e4bc799..c1c6b5a8cf9 100644 --- a/CVE-2023/CVE-2023-69xx/CVE-2023-6932.json +++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6932.json @@ -2,16 +2,40 @@ "id": "CVE-2023-6932", "sourceIdentifier": "cve-coordination@google.com", "published": "2023-12-19T14:15:08.460", - "lastModified": "2023-12-19T14:49:49.807", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T17:00:43.243", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation.\n\nA race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.\n\nWe recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.\n\n" + }, + { + "lang": "es", + "value": "Una vulnerabilidad de use after free en el componente ipv4: igmp del kernel de Linux se puede explotar para lograr una escalada de privilegios local. Se puede aprovechar una condici\u00f3n de ejecuci\u00f3n para provocar que un temporizador se registre por error en un objeto bloqueado de lectura de RCU que es liberado por otro subproceso. Recomendamos actualizar el commit anterior e2b706c691905fe78468c361aaabc719d0a496f1." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.0, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.0, + "impactScore": 5.9 + }, { "source": "cve-coordination@google.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + }, { "source": "cve-coordination@google.com", "type": "Secondary", @@ -46,14 +80,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.6.12", + "versionEndExcluding": "6.7", + "matchCriteriaId": "E2446CA5-FF6C-417F-A095-C5CA491CAA94" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=e2b706c691905fe78468c361aaabc719d0a496f1", - "source": "cve-coordination@google.com" + "source": "cve-coordination@google.com", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://kernel.dance/e2b706c691905fe78468c361aaabc719d0a496f1", - "source": "cve-coordination@google.com" + "source": "cve-coordination@google.com", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6945.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6945.json index b47dc78b513..1f1a43cdaa7 100644 --- a/CVE-2023/CVE-2023-69xx/CVE-2023-6945.json +++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6945.json @@ -2,16 +2,40 @@ "id": "CVE-2023-6945", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-19T11:15:08.380", - "lastModified": "2023-12-19T13:42:12.823", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T17:15:46.797", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability has been found in SourceCodester Online Student Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file edit-student-detail.php. The manipulation of the argument notmsg leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248377 was assigned to this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en SourceCodester Online Student Management System 1.0 y clasificada como problem\u00e1tica. Una funci\u00f3n desconocida del archivo edit-student-detail.php es afectado por esta vulnerabilidad. La manipulaci\u00f3n del argumento notmsg conduce a cross site scripting. El ataque se puede lanzar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-248377." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,18 +95,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mayurik:online_student_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "E4865818-EDD5-4878-8BFE-DA5931B7CF16" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Online%20student%20management%20system(XSS)%202.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.248377", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.248377", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-71xx/CVE-2023-7131.json b/CVE-2023/CVE-2023-71xx/CVE-2023-7131.json new file mode 100644 index 00000000000..0b6a2ff52e8 --- /dev/null +++ b/CVE-2023/CVE-2023-71xx/CVE-2023-7131.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-7131", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-12-28T17:15:09.740", + "lastModified": "2023-12-28T17:15:09.740", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in code-projects Intern Membership Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /user_registration/ of the component User Registration. The manipulation of the argument userName leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-249134 is the identifier assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "ADJACENT_NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 5.8 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 6.5, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/h4md153v63n/CVEs/blob/main/Intern_Membership_Management_System/Intern_Membership_Management_System-SQL-Injection.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.249134", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.249134", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-71xx/CVE-2023-7132.json b/CVE-2023/CVE-2023-71xx/CVE-2023-7132.json new file mode 100644 index 00000000000..853f851e4be --- /dev/null +++ b/CVE-2023/CVE-2023-71xx/CVE-2023-7132.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-7132", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-12-28T17:15:09.997", + "lastModified": "2023-12-28T17:15:09.997", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in code-projects Intern Membership Management System 2.0. It has been classified as problematic. This affects an unknown part of the file /user_registration/ of the component User Registration. The manipulation of the argument userName/firstName/lastName/userEmail with the input \">h0la leads to cross site scripting. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249135." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N", + "accessVector": "ADJACENT_NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 3.3 + }, + "baseSeverity": "LOW", + "exploitabilityScore": 6.5, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/h4md153v63n/CVEs/blob/main/Intern_Membership_Management_System/Intern_Membership_Management_System-Stored_Cross_site_Scripting.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.249135", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.249135", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-71xx/CVE-2023-7133.json b/CVE-2023/CVE-2023-71xx/CVE-2023-7133.json new file mode 100644 index 00000000000..29eb43e2aa1 --- /dev/null +++ b/CVE-2023/CVE-2023-71xx/CVE-2023-7133.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-7133", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-12-28T18:15:45.853", + "lastModified": "2023-12-28T18:15:45.853", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in y_project RuoYi 4.7.8. It has been declared as problematic. This vulnerability affects unknown code of the file /login of the component HTTP POST Request Handler. The manipulation of the argument rememberMe with the input falsen3f0mp86o0 leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249136." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 5.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 10.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://1drv.ms/w/s!AgMfVZkPO1NWgSPnwk90DMQIUN_D?e=2Bauy4", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.249136", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.249136", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 79a717fdf72..d7bddb92194 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-12-28T17:00:24.440800+00:00 +2023-12-28T19:00:24.853584+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-12-28T16:56:12.793000+00:00 +2023-12-28T18:59:31.510000+00:00 ``` ### Last Data Feed Release @@ -29,54 +29,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -234351 +234354 ``` ### CVEs added in the last Commit -Recently added CVEs: `10` +Recently added CVEs: `3` -* [CVE-2023-46987](CVE-2023/CVE-2023-469xx/CVE-2023-46987.json) (`2023-12-28T15:15:07.550`) -* [CVE-2023-50470](CVE-2023/CVE-2023-504xx/CVE-2023-50470.json) (`2023-12-28T15:15:07.617`) -* [CVE-2023-7127](CVE-2023/CVE-2023-71xx/CVE-2023-7127.json) (`2023-12-28T15:15:07.663`) -* [CVE-2023-7128](CVE-2023/CVE-2023-71xx/CVE-2023-7128.json) (`2023-12-28T15:15:07.887`) -* [CVE-2023-50267](CVE-2023/CVE-2023-502xx/CVE-2023-50267.json) (`2023-12-28T16:16:01.650`) -* [CVE-2023-52079](CVE-2023/CVE-2023-520xx/CVE-2023-52079.json) (`2023-12-28T16:16:01.863`) -* [CVE-2023-52081](CVE-2023/CVE-2023-520xx/CVE-2023-52081.json) (`2023-12-28T16:16:02.090`) -* [CVE-2023-52082](CVE-2023/CVE-2023-520xx/CVE-2023-52082.json) (`2023-12-28T16:16:02.290`) -* [CVE-2023-7129](CVE-2023/CVE-2023-71xx/CVE-2023-7129.json) (`2023-12-28T16:16:02.497`) -* [CVE-2023-7163](CVE-2023/CVE-2023-71xx/CVE-2023-7163.json) (`2023-12-28T16:16:02.730`) +* [CVE-2023-7131](CVE-2023/CVE-2023-71xx/CVE-2023-7131.json) (`2023-12-28T17:15:09.740`) +* [CVE-2023-7132](CVE-2023/CVE-2023-71xx/CVE-2023-7132.json) (`2023-12-28T17:15:09.997`) +* [CVE-2023-7133](CVE-2023/CVE-2023-71xx/CVE-2023-7133.json) (`2023-12-28T18:15:45.853`) ### CVEs modified in the last Commit -Recently modified CVEs: `158` +Recently modified CVEs: `44` -* [CVE-2023-4672](CVE-2023/CVE-2023-46xx/CVE-2023-4672.json) (`2023-12-28T15:09:53.403`) -* [CVE-2023-50874](CVE-2023/CVE-2023-508xx/CVE-2023-50874.json) (`2023-12-28T15:09:53.403`) -* [CVE-2023-46918](CVE-2023/CVE-2023-469xx/CVE-2023-46918.json) (`2023-12-28T15:09:59.150`) -* [CVE-2023-49000](CVE-2023/CVE-2023-490xx/CVE-2023-49000.json) (`2023-12-28T15:09:59.150`) -* [CVE-2023-49001](CVE-2023/CVE-2023-490xx/CVE-2023-49001.json) (`2023-12-28T15:09:59.150`) -* [CVE-2023-49002](CVE-2023/CVE-2023-490xx/CVE-2023-49002.json) (`2023-12-28T15:09:59.150`) -* [CVE-2023-3655](CVE-2023/CVE-2023-36xx/CVE-2023-3655.json) (`2023-12-28T15:20:29.200`) -* [CVE-2023-3656](CVE-2023/CVE-2023-36xx/CVE-2023-3656.json) (`2023-12-28T15:20:34.697`) -* [CVE-2023-3654](CVE-2023/CVE-2023-36xx/CVE-2023-3654.json) (`2023-12-28T15:20:38.820`) -* [CVE-2023-5961](CVE-2023/CVE-2023-59xx/CVE-2023-5961.json) (`2023-12-28T15:26:49.127`) -* [CVE-2023-50825](CVE-2023/CVE-2023-508xx/CVE-2023-50825.json) (`2023-12-28T15:38:49.707`) -* [CVE-2023-38200](CVE-2023/CVE-2023-382xx/CVE-2023-38200.json) (`2023-12-28T15:40:32.947`) -* [CVE-2023-48723](CVE-2023/CVE-2023-487xx/CVE-2023-48723.json) (`2023-12-28T15:53:46.960`) -* [CVE-2023-43796](CVE-2023/CVE-2023-437xx/CVE-2023-43796.json) (`2023-12-28T16:13:08.610`) -* [CVE-2023-42627](CVE-2023/CVE-2023-426xx/CVE-2023-42627.json) (`2023-12-28T16:13:12.767`) -* [CVE-2023-42628](CVE-2023/CVE-2023-426xx/CVE-2023-42628.json) (`2023-12-28T16:13:28.370`) -* [CVE-2023-42629](CVE-2023/CVE-2023-426xx/CVE-2023-42629.json) (`2023-12-28T16:13:32.073`) -* [CVE-2023-40791](CVE-2023/CVE-2023-407xx/CVE-2023-40791.json) (`2023-12-28T16:13:37.483`) -* [CVE-2023-45871](CVE-2023/CVE-2023-458xx/CVE-2023-45871.json) (`2023-12-28T16:18:15.007`) -* [CVE-2023-4527](CVE-2023/CVE-2023-45xx/CVE-2023-4527.json) (`2023-12-28T16:23:01.123`) -* [CVE-2023-2680](CVE-2023/CVE-2023-26xx/CVE-2023-2680.json) (`2023-12-28T16:23:09.520`) -* [CVE-2023-41615](CVE-2023/CVE-2023-416xx/CVE-2023-41615.json) (`2023-12-28T16:23:14.277`) -* [CVE-2023-46846](CVE-2023/CVE-2023-468xx/CVE-2023-46846.json) (`2023-12-28T16:24:10.387`) -* [CVE-2023-49148](CVE-2023/CVE-2023-491xx/CVE-2023-49148.json) (`2023-12-28T16:51:57.970`) -* [CVE-2023-48719](CVE-2023/CVE-2023-487xx/CVE-2023-48719.json) (`2023-12-28T16:56:12.793`) +* [CVE-2023-49734](CVE-2023/CVE-2023-497xx/CVE-2023-49734.json) (`2023-12-28T17:16:28.993`) +* [CVE-2023-48738](CVE-2023/CVE-2023-487xx/CVE-2023-48738.json) (`2023-12-28T17:19:48.890`) +* [CVE-2023-47272](CVE-2023/CVE-2023-472xx/CVE-2023-47272.json) (`2023-12-28T17:24:36.373`) +* [CVE-2023-48764](CVE-2023/CVE-2023-487xx/CVE-2023-48764.json) (`2023-12-28T17:25:33.493`) +* [CVE-2023-50835](CVE-2023/CVE-2023-508xx/CVE-2023-50835.json) (`2023-12-28T17:32:58.013`) +* [CVE-2023-47363](CVE-2023/CVE-2023-473xx/CVE-2023-47363.json) (`2023-12-28T17:34:14.213`) +* [CVE-2023-47364](CVE-2023/CVE-2023-473xx/CVE-2023-47364.json) (`2023-12-28T17:34:46.510`) +* [CVE-2023-47365](CVE-2023/CVE-2023-473xx/CVE-2023-47365.json) (`2023-12-28T17:35:10.877`) +* [CVE-2023-48231](CVE-2023/CVE-2023-482xx/CVE-2023-48231.json) (`2023-12-28T17:39:29.390`) +* [CVE-2023-39548](CVE-2023/CVE-2023-395xx/CVE-2023-39548.json) (`2023-12-28T17:55:54.710`) +* [CVE-2023-42183](CVE-2023/CVE-2023-421xx/CVE-2023-42183.json) (`2023-12-28T18:11:09.047`) +* [CVE-2023-40061](CVE-2023/CVE-2023-400xx/CVE-2023-40061.json) (`2023-12-28T18:15:45.650`) +* [CVE-2023-5384](CVE-2023/CVE-2023-53xx/CVE-2023-5384.json) (`2023-12-28T18:16:28.223`) +* [CVE-2023-6228](CVE-2023/CVE-2023-62xx/CVE-2023-6228.json) (`2023-12-28T18:19:14.730`) +* [CVE-2023-48795](CVE-2023/CVE-2023-487xx/CVE-2023-48795.json) (`2023-12-28T18:26:43.827`) +* [CVE-2023-6691](CVE-2023/CVE-2023-66xx/CVE-2023-6691.json) (`2023-12-28T18:28:00.493`) +* [CVE-2023-5641](CVE-2023/CVE-2023-56xx/CVE-2023-5641.json) (`2023-12-28T18:36:45.983`) +* [CVE-2023-6105](CVE-2023/CVE-2023-61xx/CVE-2023-6105.json) (`2023-12-28T18:37:26.820`) +* [CVE-2023-22439](CVE-2023/CVE-2023-224xx/CVE-2023-22439.json) (`2023-12-28T18:50:15.597`) +* [CVE-2023-49092](CVE-2023/CVE-2023-490xx/CVE-2023-49092.json) (`2023-12-28T18:54:22.443`) +* [CVE-2023-45835](CVE-2023/CVE-2023-458xx/CVE-2023-45835.json) (`2023-12-28T18:55:19.140`) +* [CVE-2023-6306](CVE-2023/CVE-2023-63xx/CVE-2023-6306.json) (`2023-12-28T18:55:28.227`) +* [CVE-2023-6305](CVE-2023/CVE-2023-63xx/CVE-2023-6305.json) (`2023-12-28T18:55:36.773`) +* [CVE-2023-45809](CVE-2023/CVE-2023-458xx/CVE-2023-45809.json) (`2023-12-28T18:58:51.657`) +* [CVE-2023-45794](CVE-2023/CVE-2023-457xx/CVE-2023-45794.json) (`2023-12-28T18:59:23.170`) ## Download and Usage