Auto-Update: 2024-10-19T10:00:17.070838+00:00

2025-07-11 16:13:34 +00:00 · 2024-10-19 10:03:18 +00:00 · 2024-10-19 10:03:18 +00:00 · 78d519eaee
commit 78d519eaee
parent b8cc72855e
3 changed files with 145 additions and 8 deletions
--- a/CVE-2024/CVE-2024-101xx/CVE-2024-10133.json
+++ b/CVE-2024/CVE-2024-101xx/CVE-2024-10133.json
@ -0,0 +1,137 @@
 {
  "id": "CVE-2024-10133",
  "sourceIdentifier": "cna@vuldb.com",
  "published": "2024-10-19T09:15:11.090",
  "lastModified": "2024-10-19T09:15:11.090",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been found in ESAFENET CDG 5 and classified as critical. Affected by this vulnerability is the function updateNetSecPolicyPriority of the file /com/esafenet/servlet/ajax/NetSecPolicyAjax.java. The manipulation of the argument id/frontId leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
    }
  ],
  "metrics": {
    "cvssMetricV40": [
      {
        "source": "cna@vuldb.com",
        "type": "Secondary",
        "cvssData": {
          "version": "4.0",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "vulnerableSystemConfidentiality": "LOW",
          "vulnerableSystemIntegrity": "LOW",
          "vulnerableSystemAvailability": "LOW",
          "subsequentSystemConfidentiality": "NONE",
          "subsequentSystemIntegrity": "NONE",
          "subsequentSystemAvailability": "NONE",
          "exploitMaturity": "NOT_DEFINED",
          "confidentialityRequirements": "NOT_DEFINED",
          "integrityRequirements": "NOT_DEFINED",
          "availabilityRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
          "safety": "NOT_DEFINED",
          "automatable": "NOT_DEFINED",
          "recovery": "NOT_DEFINED",
          "valueDensity": "NOT_DEFINED",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "providerUrgency": "NOT_DEFINED",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM"
        }
      }
    ],
    "cvssMetricV31": [
      {
        "source": "cna@vuldb.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "availabilityImpact": "LOW",
          "baseScore": 6.3,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.4
      }
    ],
    "cvssMetricV2": [
      {
        "source": "cna@vuldb.com",
        "type": "Secondary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "SINGLE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "cna@vuldb.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://flowus.cn/share/a320073e-a545-419e-bfb5-d6e2b8526433?code=G8A6P3",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?ctiid.280921",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?id.280921",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?submit.422231",
      "source": "cna@vuldb.com"
    }
  ]
 }
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 ```plain
-2024-10-19T08:00:17.387124+00:00
+2024-10-19T10:00:17.070838+00:00
 ```
 ### Most recent CVE Modification Timestamp synchronized with NVD
 ```plain
-2024-10-19T07:15:03.073000+00:00
+2024-10-19T09:15:11.090000+00:00
 ```
 ### Last Data Feed Release
@ -33,15 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 ```plain
-266153
+266154
 ```
 ### CVEs added in the last Commit
-Recently added CVEs: `2`
+Recently added CVEs: `1`
- [CVE-2023-6243](CVE-2023/CVE-2023-62xx/CVE-2023-6243.json) (`2024-10-19T07:15:02.520`)
+- [CVE-2024-10133](CVE-2024/CVE-2024-101xx/CVE-2024-10133.json) (`2024-10-19T09:15:11.090`)
 - [CVE-2024-9889](CVE-2024/CVE-2024-98xx/CVE-2024-9889.json) (`2024-10-19T07:15:03.073`)
 ### CVEs modified in the last Commit
--- a/_state.csv
+++ b/_state.csv
@ -240418,7 +240418,7 @@ CVE-2023-6239,0,0,b65e4e0202f8c904d3bed9c0b298036f60e92b6b3988771b4545deac730dcf
 CVE-2023-6240,0,0,9a8f126fd8f5ef282af06e27627122b943a8da0b0302096eb47cb5d50f4fd387,2024-09-14T00:15:12.483000
 CVE-2023-6241,0,0,78adb3fd4a8ac4efb92f5a6775561b5f1500ff800960b1d97c9d0a5ad6838839,2024-03-04T13:58:23.447000
 CVE-2023-6242,0,0,8cb486488143e74f052ae2f63ddae224c09f708bec76f7ceae67b2e585a168c1,2024-01-18T18:13:53.840000
-CVE-2023-6243,1,1,73d0760b29c715a05af43aac15a1ddb3e52fb7b057ba6d61b1db91034c71d252,2024-10-19T07:15:02.520000
+CVE-2023-6243,0,0,73d0760b29c715a05af43aac15a1ddb3e52fb7b057ba6d61b1db91034c71d252,2024-10-19T07:15:02.520000
 CVE-2023-6244,0,0,e75e6775cafe9ec86cf77e396a624ef7fd7fcbcac6b9762312ce1f3427f7fd7e,2024-01-18T16:13:00.490000
 CVE-2023-6245,0,0,28e9b7ff9285b21700d4fe9397a4e09496c4b2441b7d2de4ae7c1a7ecf0e3ecd,2023-12-13T14:41:10.210000
 CVE-2023-6246,0,0,cf7f0537a32584936060f9a515de78d86839499a8af746409b793ff3b62faa25,2024-02-16T13:15:10.023000
@ -242274,6 +242274,7 @@ CVE-2024-10129,0,0,ec775af0248379f5d868655b54172a35331f8d92a81885707988267ce16d6
 CVE-2024-1013,0,0,0ecf415fc1e3c9674ce36da20d6e67872f02747822a72b780ad0899083ff5765,2024-03-18T12:38:25.490000
 CVE-2024-10130,0,0,005b5772134ad7ab3ff093e3d1f3c1dcefb8a6bac854c40ff82f3832025c5145,2024-10-18T22:15:04.683000
 CVE-2024-10131,0,0,ec7f7d7eafabbce2d329a6df322b2a0ff4b203d8976eb09a804b94ea08a31f0c,2024-10-19T04:15:05.300000
 CVE-2024-10133,1,1,1403af45d2d75980e8b273ee70d6599abebda1b60a49d652dd75f4a6f64bf012,2024-10-19T09:15:11.090000
 CVE-2024-1014,0,0,8e546db835ee0e62e0f6ed5b95e90d5586231fc78746cbbfef7db3d61b3c5f3d,2024-02-02T02:05:39.277000
 CVE-2024-1015,0,0,5516b1d1af5a9d3814b8a6e102d3692fcdb9c463b2e2645787afdcb157946f20,2024-02-02T02:04:13.267000
 CVE-2024-1016,0,0,71cf76ab1a6b276906d8ecf764cf0be1d15a9c7c60543569d9e172588701616f,2024-05-17T02:35:10.520000
@ -266086,7 +266087,7 @@ CVE-2024-9863,0,0,5a2779f928f03a35905e31f60158c72d5505c6aaa35173f98063e46d2c1389
 CVE-2024-9869,0,0,2195387ef9aab560e210893ad1e9f3295c5808c9d50c0ada4fa1d17778d3d1ae,2024-10-11T15:15:06.500000
 CVE-2024-9873,0,0,54e1b937a83aa8c512a9ce3ab381594073150b73716fb01cf60c5f6e4db0c415,2024-10-16T16:38:14.557000
 CVE-2024-9888,0,0,de5de1e3177c72ea1d0a5d19aa48b1693390bd1baf1f85524c962ffa2c18433f,2024-10-16T16:38:14.557000
-CVE-2024-9889,1,1,0b3b7545dde906fe90387e12e3b83b4a894a23cbd921465fbc28a4b03f9f9d4f,2024-10-19T07:15:03.073000
+CVE-2024-9889,0,0,0b3b7545dde906fe90387e12e3b83b4a894a23cbd921465fbc28a4b03f9f9d4f,2024-10-19T07:15:03.073000
 CVE-2024-9891,0,0,53ec4da3ba927732190105b9993cdfaefd46788f3c82dc582d229482b0eb1fcc,2024-10-16T16:38:14.557000
 CVE-2024-9892,0,0,584f5c7c0c5a775fc15fb3ba6088d5cb7abd48140a1f2b1bd6d2a1fd7b17f015,2024-10-18T12:52:33.507000
 CVE-2024-9893,0,0,426d02de035749f6abb2956fee210a61cbcd97da25fe8818e92240a83b0a6b07,2024-10-16T16:38:14.557000