diff --git a/CVE-2022/CVE-2022-268xx/CVE-2022-26838.json b/CVE-2022/CVE-2022-268xx/CVE-2022-26838.json index 8abd51b6493..9fa679f209a 100644 --- a/CVE-2022/CVE-2022-268xx/CVE-2022-26838.json +++ b/CVE-2022/CVE-2022-268xx/CVE-2022-26838.json @@ -2,23 +2,81 @@ "id": "CVE-2022-26838", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-08-03T15:15:16.543", - "lastModified": "2023-08-03T15:37:04.917", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T14:49:27.773", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Path traversal vulnerability in Importing Mobile Device Data of Cybozu Remote Service 3.1.2 allows a remote authenticated attacker to cause a denial-of-service (DoS) condition." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cybozu:remote_service_manager:3.1.2:*:*:*:*:*:*:*", + "matchCriteriaId": "D35FA1A5-AE98-4CD5-9766-89A34E00DC8E" + } + ] + } + ] + } + ], "references": [ { "url": "https://jvn.jp/en/jp/JVN52694228/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://kb.cybozu.support/article/37653/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-40xx/CVE-2022-4046.json b/CVE-2022/CVE-2022-40xx/CVE-2022-4046.json index d1cb611991d..0b935ebab4a 100644 --- a/CVE-2022/CVE-2022-40xx/CVE-2022-4046.json +++ b/CVE-2022/CVE-2022-40xx/CVE-2022-4046.json @@ -2,8 +2,8 @@ "id": "CVE-2022-4046", "sourceIdentifier": "info@cert.vde.com", "published": "2023-08-03T13:15:09.627", - "lastModified": "2023-08-03T15:37:04.917", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T15:54:22.383", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,96 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*", + "matchCriteriaId": "2390BDA5-FC7C-43F2-A6D0-098DE49E8092" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*", + "matchCriteriaId": "07DC0FD5-57BB-41CD-9FFD-36FEC5573BFB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*", + "matchCriteriaId": "BE2276F0-8EF2-4CEA-9A75-010D31F8D76C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*", + "matchCriteriaId": "DB41ACE5-0064-4BBC-AEF7-2A89D21EEA83" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*", + "matchCriteriaId": "D23780DF-5CF3-4D88-83A4-D5D0E6BF7274" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*", + "matchCriteriaId": "0CAF552D-E704-4979-9335-6290F11D6EA9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*", + "matchCriteriaId": "31A0FF97-A6E5-4339-B68A-E1F76A24D50E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*", + "matchCriteriaId": "BC1C54A7-686C-433C-91B0-B84720ABFC81" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*", + "matchCriteriaId": "B1B0A7F9-9F70-4217-AF38-14E9F9F7CDDB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*", + "matchCriteriaId": "D2102923-8711-4D2C-BF3E-870AC1D8F2AA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*", + "matchCriteriaId": "98918E65-854F-4719-8419-79578C5F9EAD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", + "matchCriteriaId": "07750392-D8FF-413D-82F9-55B9F2F12B55" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*", + "matchCriteriaId": "EE76A4D8-070C-45D7-AF3B-12FFD6BD73E3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:hmi_sl:*:*:*:*:*:*:*:*", + "matchCriteriaId": "23B980AB-A690-43C0-A117-929C4AD7A2DF" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert.vde.com/en/advisories/VDE-2023-025/", - "source": "info@cert.vde.com" + "source": "info@cert.vde.com", + "tags": [ + "Mitigation", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-437xx/CVE-2022-43703.json b/CVE-2022/CVE-2022-437xx/CVE-2022-43703.json index 19d4a714c6a..fb5cc502237 100644 --- a/CVE-2022/CVE-2022-437xx/CVE-2022-43703.json +++ b/CVE-2022/CVE-2022-437xx/CVE-2022-43703.json @@ -2,16 +2,49 @@ "id": "CVE-2022-43703", "sourceIdentifier": "arm-security@arm.com", "published": "2023-07-27T22:15:12.870", - "lastModified": "2023-07-28T13:44:36.087", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T14:18:45.860", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An installer that loads or executes files using an unconstrained search path may be vulnerable to substitute files under control of an attacker being loaded or executed instead of the intended files.\n\n" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-427" + } + ] + }, { "source": "arm-security@arm.com", "type": "Secondary", @@ -23,10 +56,37 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arm:arm_development_studio:*:*:*:*:*:*:*:*", + "matchCriteriaId": "241064F9-9B76-41FA-A8B5-4FBCDE51BAD2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arm:ds_development_studio:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.0.0", + "versionEndIncluding": "5.29.3", + "matchCriteriaId": "30B049E4-59A7-47D8-A491-D947C4AAD4AC" + } + ] + } + ] + } + ], "references": [ { "url": "https://developer.arm.com/documentation/ka005596/latest", - "source": "arm-security@arm.com" + "source": "arm-security@arm.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-222xx/CVE-2023-22277.json b/CVE-2023/CVE-2023-222xx/CVE-2023-22277.json index ef8bb23f77f..7ca688f5436 100644 --- a/CVE-2023/CVE-2023-222xx/CVE-2023-22277.json +++ b/CVE-2023/CVE-2023-222xx/CVE-2023-22277.json @@ -2,19 +2,75 @@ "id": "CVE-2023-22277", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-08-03T15:15:17.393", - "lastModified": "2023-08-03T15:37:04.917", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T14:23:20.550", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. This vulnerability is different from CVE-2023-22317 and CVE-2023-22314." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:omron:cx-programmer:*:*:*:*:*:*:*:*", + "versionEndIncluding": "9.79", + "matchCriteriaId": "4DB45EC6-3188-44F7-9E2A-ACAB2AF7414B" + } + ] + } + ] + } + ], "references": [ { "url": "https://jvn.jp/en/vu/JVNVU92877622/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-223xx/CVE-2023-22314.json b/CVE-2023/CVE-2023-223xx/CVE-2023-22314.json index 24052aee4ce..31d59993b96 100644 --- a/CVE-2023/CVE-2023-223xx/CVE-2023-22314.json +++ b/CVE-2023/CVE-2023-223xx/CVE-2023-22314.json @@ -2,19 +2,75 @@ "id": "CVE-2023-22314", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-08-03T13:15:09.737", - "lastModified": "2023-08-03T15:37:04.917", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T14:23:35.113", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. This vulnerability is different from CVE-2023-22277 and CVE-2023-22317." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:omron:cx-programmer:*:*:*:*:*:*:*:*", + "versionEndIncluding": "9.79", + "matchCriteriaId": "4DB45EC6-3188-44F7-9E2A-ACAB2AF7414B" + } + ] + } + ] + } + ], "references": [ { "url": "https://jvn.jp/en/vu/JVNVU92877622/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-223xx/CVE-2023-22317.json b/CVE-2023/CVE-2023-223xx/CVE-2023-22317.json index 28f5666a2aa..ce1f1af14ea 100644 --- a/CVE-2023/CVE-2023-223xx/CVE-2023-22317.json +++ b/CVE-2023/CVE-2023-223xx/CVE-2023-22317.json @@ -2,19 +2,75 @@ "id": "CVE-2023-22317", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-08-03T13:15:09.797", - "lastModified": "2023-08-03T15:37:04.917", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T14:23:23.080", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. This vulnerability is different from CVE-2023-22277 and CVE-2023-22314." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:omron:cx-programmer:*:*:*:*:*:*:*:*", + "versionEndIncluding": "9.79", + "matchCriteriaId": "4DB45EC6-3188-44F7-9E2A-ACAB2AF7414B" + } + ] + } + ] + } + ], "references": [ { "url": "https://jvn.jp/en/vu/JVNVU92877622/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-246xx/CVE-2023-24698.json b/CVE-2023/CVE-2023-246xx/CVE-2023-24698.json new file mode 100644 index 00000000000..6eea585b80e --- /dev/null +++ b/CVE-2023/CVE-2023-246xx/CVE-2023-24698.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-24698", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-08T15:15:09.977", + "lastModified": "2023-08-08T15:24:41.210", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Insufficient parameter validation in the Foswiki::Sandbox component of Foswiki v2.1.7 and below allows attackers to perform a directory traversal via supplying a crafted web request." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://foswiki.org/Support/SecurityAlert-CVE-2023-24698", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2423.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2423.json new file mode 100644 index 00000000000..0392cb9b7f9 --- /dev/null +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2423.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-2423", + "sourceIdentifier": "PSIRT@rockwellautomation.com", + "published": "2023-08-08T15:15:10.163", + "lastModified": "2023-08-08T15:24:41.210", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nA vulnerability was discovered in the Rockwell Automation Armor PowerFlex device when the product sends communications to the local event log. Threat actors could exploit this vulnerability by sending an influx of network commands, causing the product to generate an influx of event log traffic at a high rate. If exploited, the product would stop normal operations and self-reset creating a denial-of-service condition. The error code would need to be cleared prior to resuming normal operations.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "PSIRT@rockwellautomation.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 8.6, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "PSIRT@rockwellautomation.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-682" + } + ] + } + ], + "references": [ + { + "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140371", + "source": "PSIRT@rockwellautomation.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-256xx/CVE-2023-25600.json b/CVE-2023/CVE-2023-256xx/CVE-2023-25600.json index 8b0c687efa5..0376347075d 100644 --- a/CVE-2023/CVE-2023-256xx/CVE-2023-25600.json +++ b/CVE-2023/CVE-2023-256xx/CVE-2023-25600.json @@ -2,23 +2,82 @@ "id": "CVE-2023-25600", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-03T15:15:19.340", - "lastModified": "2023-08-03T15:37:04.917", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T15:58:49.607", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in InsydeH2O. A malicious operating system can tamper with a runtime-writable EFI variable, leading to out-of-bounds memory reads and a denial of service. This is fixed in version 01.01.04.0016." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:insyde:insydecrpkg:*:*:*:*:*:*:*:*", + "versionEndExcluding": "01.01.04.0016", + "matchCriteriaId": "C2C5FEC9-FB56-447D-A9E7-7BA603899A05" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.insyde.com/security-pledge", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Not Applicable" + ] }, { "url": "https://www.insyde.com/security-pledge/SA-2023028", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-337xx/CVE-2023-33756.json b/CVE-2023/CVE-2023-337xx/CVE-2023-33756.json new file mode 100644 index 00000000000..fa0ac67b080 --- /dev/null +++ b/CVE-2023/CVE-2023-337xx/CVE-2023-33756.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-33756", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-08T15:15:10.270", + "lastModified": "2023-08-08T15:24:41.210", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An issue in the SpreadSheetPlugin component of Foswiki v2.1.7 and below allows attackers to execute a directory traversal." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://foswiki.org/Support/SecurityAlert-CVE-2023-33756", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-341xx/CVE-2023-34196.json b/CVE-2023/CVE-2023-341xx/CVE-2023-34196.json index 7df3ec238ff..a468102b17d 100644 --- a/CVE-2023/CVE-2023-341xx/CVE-2023-34196.json +++ b/CVE-2023/CVE-2023-341xx/CVE-2023-34196.json @@ -2,23 +2,83 @@ "id": "CVE-2023-34196", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-03T03:15:10.480", - "lastModified": "2023-08-03T12:40:03.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T14:42:28.803", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In the Keyfactor EJBCA before 8.0.0, the RA web certificate distribution servlet /ejbca/ra/cert allows partial denial of service due to an authentication issue. In configurations using OAuth, disclosure of CA certificates (attributes and public keys) to unauthenticated or less privileged users may occur." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 8.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:keyfactor:ejbca:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.0", + "matchCriteriaId": "C84A93F0-D97D-49A7-AB5E-45D00E28FF78" + } + ] + } + ] + } + ], "references": [ { "url": "https://keyfactor.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://support.keyfactor.com/hc/en-us/articles/16671824556827-EJBCA-Security-Advisory-Partial-denial-of-service-attack-on-certificate-distribution-servlet-ejbca-ra-cert", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mitigation", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-361xx/CVE-2023-36136.json b/CVE-2023/CVE-2023-361xx/CVE-2023-36136.json new file mode 100644 index 00000000000..537c7a34a1a --- /dev/null +++ b/CVE-2023/CVE-2023-361xx/CVE-2023-36136.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-36136", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-08T15:15:10.337", + "lastModified": "2023-08-08T15:24:41.210", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "PHPJabbers Class Scheduling System 1.0 lacks encryption on the password when editing a user account (update user page) allowing an attacker to capture all user names and passwords in clear text." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://medium.com/@blakehodder/additional-vulnerabilities-in-php-jabbers-scripts-c6bbd89b24bb", + "source": "cve@mitre.org" + }, + { + "url": "https://www.phpjabbers.com/class-scheduling-system", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-363xx/CVE-2023-36306.json b/CVE-2023/CVE-2023-363xx/CVE-2023-36306.json new file mode 100644 index 00000000000..a4807f602ba --- /dev/null +++ b/CVE-2023/CVE-2023-363xx/CVE-2023-36306.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-36306", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-08T15:15:10.400", + "lastModified": "2023-08-08T15:24:41.210", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A Cross Site Scripting (XSS) vulnerability in Adiscon Aiscon LogAnalyzer through 4.1.13 allows a remote attacker to execute arbitrary code via the asktheoracle.php, details.php, index.php, search.php, export.php, reports.php, and statistics.php components." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.exploit-db.com/exploits/51643", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-364xx/CVE-2023-36480.json b/CVE-2023/CVE-2023-364xx/CVE-2023-36480.json index 74af628945c..ac0b504a802 100644 --- a/CVE-2023/CVE-2023-364xx/CVE-2023-36480.json +++ b/CVE-2023/CVE-2023-364xx/CVE-2023-36480.json @@ -2,12 +2,12 @@ "id": "CVE-2023-36480", "sourceIdentifier": "security-advisories@github.com", "published": "2023-08-04T15:15:10.210", - "lastModified": "2023-08-07T15:15:11.070", + "lastModified": "2023-08-08T15:15:10.467", "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", - "value": "The Aerospike Java client is a Java application that implements a network protocol to communicate with an Aerospike server. Prior to version 7.0.0, some of the messages received from the server contain Java objects that the client deserializes when it encounters them without further validation. Attackers that manage to trick clients into communicating with a malicious server can include especially crafted objects in its responses that, once deserialized by the client, force it to execute arbitrary code. This can be abused to take control of the machine the client is running on. Version 7.0.0 contains a patch for this issue." + "value": "The Aerospike Java client is a Java application that implements a network protocol to communicate with an Aerospike server. Prior to versions 7.0.0, 6.2.0, 5.2.0, and 4.5.0 some of the messages received from the server contain Java objects that the client deserializes when it encounters them without further validation. Attackers that manage to trick clients into communicating with a malicious server can include especially crafted objects in its responses that, once deserialized by the client, force it to execute arbitrary code. This can be abused to take control of the machine the client is running on. Versions 7.0.0, 6.2.0, 5.2.0, and 4.5.0 contain a patch for this issue." } ], "metrics": { @@ -75,6 +75,18 @@ "url": "https://github.com/aerospike/aerospike-client-java/blob/e40a49b3db0d2b3d45068910e1cb9d917c795315/client/src/com/aerospike/client/util/Unpacker.java#L227", "source": "security-advisories@github.com" }, + { + "url": "https://github.com/aerospike/aerospike-client-java/commit/02bf28e62fb186f004c82c87b219db2fc5b8262a", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/aerospike/aerospike-client-java/commit/51c65e32837da29435161a2d9c09bbdc2071ecae", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/aerospike/aerospike-client-java/commit/66aafb4cd743cf53baffaeaf69b035f51d2e2e36", + "source": "security-advisories@github.com" + }, { "url": "https://github.com/aerospike/aerospike-client-java/commit/80c508cc5ecb0173ce92d7fab8cfab5e77bd9900", "source": "security-advisories@github.com" diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3651.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3651.json new file mode 100644 index 00000000000..f64bf1802fd --- /dev/null +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3651.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-3651", + "sourceIdentifier": "cve@usom.gov.tr", + "published": "2023-08-08T15:15:10.587", + "lastModified": "2023-08-08T15:24:41.210", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Digital Ant E-Commerce Software allows SQL Injection.This issue affects E-Commerce Software: before 11.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@usom.gov.tr", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "cve@usom.gov.tr", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://https://www.usom.gov.tr/bildirim/tr-23-0443", + "source": "cve@usom.gov.tr" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3652.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3652.json new file mode 100644 index 00000000000..e66c3e2b770 --- /dev/null +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3652.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-3652", + "sourceIdentifier": "cve@usom.gov.tr", + "published": "2023-08-08T15:15:10.700", + "lastModified": "2023-08-08T15:24:41.210", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Digital Ant E-Commerce Software allows Reflected XSS.This issue affects E-Commerce Software: before 11.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@usom.gov.tr", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "cve@usom.gov.tr", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://https://www.usom.gov.tr/bildirim/tr-23-0443", + "source": "cve@usom.gov.tr" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3653.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3653.json new file mode 100644 index 00000000000..80ea2a6a5fc --- /dev/null +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3653.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-3653", + "sourceIdentifier": "cve@usom.gov.tr", + "published": "2023-08-08T15:15:10.817", + "lastModified": "2023-08-08T15:24:41.210", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Digital Ant E-Commerce Software allows Stored XSS.This issue affects E-Commerce Software: before 11.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@usom.gov.tr", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "cve@usom.gov.tr", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://https://www.usom.gov.tr/bildirim/tr-23-0443", + "source": "cve@usom.gov.tr" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3662.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3662.json index 752b75ee864..733be56e9f4 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3662.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3662.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3662", "sourceIdentifier": "info@cert.vde.com", "published": "2023-08-03T11:15:09.977", - "lastModified": "2023-08-03T12:40:03.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T15:44:56.483", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,33 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.5.17.0", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "D282EA7A-7746-4B5F-B24D-6BA88F95D8FA" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert.vde.com/en/advisories/VDE-2023-021/", - "source": "info@cert.vde.com" + "source": "info@cert.vde.com", + "tags": [ + "Mitigation", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3663.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3663.json index d6d940e21a1..274443f044b 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3663.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3663.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3663", "sourceIdentifier": "info@cert.vde.com", "published": "2023-08-03T11:15:10.077", - "lastModified": "2023-08-03T12:40:03.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T15:43:48.747", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.5.11.20", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "49AED81C-45E5-4201-A4E1-2A33CB31743D" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert.vde.com/en/advisories/VDE-2023-022/", - "source": "info@cert.vde.com" + "source": "info@cert.vde.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37364.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37364.json index b0bdd0b7159..a8bd30d41a1 100644 --- a/CVE-2023/CVE-2023-373xx/CVE-2023-37364.json +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37364.json @@ -2,23 +2,83 @@ "id": "CVE-2023-37364", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-03T03:15:10.630", - "lastModified": "2023-08-03T12:40:03.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T14:29:59.697", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In WS-Inc J WBEM Server 4.7.4 before 4.7.5, the CIM-XML protocol adapter does not disable entity resolution. This allows context-dependent attackers to read arbitrary files or cause a denial of service, a similar issue to CVE-2013-4152." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-611" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ws-inc:j_wbem:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.0.0", + "versionEndExcluding": "4.7.5", + "matchCriteriaId": "16809830-F790-4FAA-B833-47EE8EF15643" + } + ] + } + ] + } + ], "references": [ { "url": "https://ws-inc.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://ws-inc.com/security.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37497.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37497.json index aa7741cfddc..5f69f3019b9 100644 --- a/CVE-2023/CVE-2023-374xx/CVE-2023-37497.json +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37497.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37497", "sourceIdentifier": "psirt@hcl.com", "published": "2023-08-03T22:15:12.257", - "lastModified": "2023-08-04T02:45:53.837", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T14:49:09.140", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "psirt@hcl.com", "type": "Secondary", @@ -34,10 +54,50 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-611" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hcltech:unica:*:*:*:*:*:*:*:*", + "versionEndExcluding": "11.1.0.6", + "matchCriteriaId": "A6ADEB04-3A2A-407A-B967-33963ACB39B3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hcltech:unica:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.0", + "versionEndExcluding": "12.1.1", + "matchCriteriaId": "4829C84A-F964-4E21-849D-ACC127979B50" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106547", - "source": "psirt@hcl.com" + "source": "psirt@hcl.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37498.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37498.json index 92b1254f096..7ff8ebf2cdf 100644 --- a/CVE-2023/CVE-2023-374xx/CVE-2023-37498.json +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37498.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37498", "sourceIdentifier": "psirt@hcl.com", "published": "2023-08-03T22:15:12.343", - "lastModified": "2023-08-04T02:45:53.837", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T14:40:20.647", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "psirt@hcl.com", "type": "Secondary", @@ -34,10 +54,43 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hcltech:unica:*:*:*:*:*:*:*:*", + "versionEndExcluding": "12.1.1", + "matchCriteriaId": "633B4227-22EA-48D7-9962-C0880AC6F218" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106545", - "source": "psirt@hcl.com" + "source": "psirt@hcl.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-375xx/CVE-2023-37551.json b/CVE-2023/CVE-2023-375xx/CVE-2023-37551.json index 7cd001d26f2..fa63f3506cc 100644 --- a/CVE-2023/CVE-2023-375xx/CVE-2023-37551.json +++ b/CVE-2023/CVE-2023-375xx/CVE-2023-37551.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37551", "sourceIdentifier": "info@cert.vde.com", "published": "2023-08-03T12:15:10.257", - "lastModified": "2023-08-03T12:40:03.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T15:42:44.287", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,7 +13,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "info@cert.vde.com", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -31,6 +31,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 3.6 + }, + { + "source": "info@cert.vde.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 } ] }, @@ -46,10 +66,131 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "80D9DB34-C2BD-441F-B8D9-02EFA27BECD8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "74FE662F-5397-4CB7-9243-1E6ED0AAEC29" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "8896E77C-EB29-4CB9-BC98-D5A34791A961" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "56101551-21ED-4409-9932-9EFA225AF20C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C1239AA8-B094-4DA3-82B7-38F85B6C3940" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C248B53C-3C09-4068-9E57-8F9A4D2B7AD0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C7995687-1BCD-454D-8546-52B80B5F22B0" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "297D8781-B331-40B2-BD34-0041A316D5C8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "09CC9B78-B3B4-4D49-9F23-DC5C80D52588" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "ACDCB65A-1328-422D-99A0-1D0FFE9AC793" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "81E2FE85-347D-42DE-9360-D5DB79AAD085" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "A7DF2418-1EC1-4672-941E-098EBC9BDF4F" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert.vde.com/en/advisories/VDE-2023-019/", - "source": "info@cert.vde.com" + "source": "info@cert.vde.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-375xx/CVE-2023-37552.json b/CVE-2023/CVE-2023-375xx/CVE-2023-37552.json index 2bbdda1cdc1..889832a29e9 100644 --- a/CVE-2023/CVE-2023-375xx/CVE-2023-37552.json +++ b/CVE-2023/CVE-2023-375xx/CVE-2023-37552.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37552", "sourceIdentifier": "info@cert.vde.com", "published": "2023-08-03T12:15:10.353", - "lastModified": "2023-08-03T12:40:03.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T15:43:03.593", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,7 +13,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "info@cert.vde.com", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -31,13 +31,43 @@ }, "exploitabilityScore": 2.8, "impactScore": 3.6 + }, + { + "source": "info@cert.vde.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 } ] }, "weaknesses": [ { - "source": "info@cert.vde.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "info@cert.vde.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +76,131 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "80D9DB34-C2BD-441F-B8D9-02EFA27BECD8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "74FE662F-5397-4CB7-9243-1E6ED0AAEC29" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "8896E77C-EB29-4CB9-BC98-D5A34791A961" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "56101551-21ED-4409-9932-9EFA225AF20C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C1239AA8-B094-4DA3-82B7-38F85B6C3940" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C248B53C-3C09-4068-9E57-8F9A4D2B7AD0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C7995687-1BCD-454D-8546-52B80B5F22B0" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "297D8781-B331-40B2-BD34-0041A316D5C8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "09CC9B78-B3B4-4D49-9F23-DC5C80D52588" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "ACDCB65A-1328-422D-99A0-1D0FFE9AC793" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "81E2FE85-347D-42DE-9360-D5DB79AAD085" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "A7DF2418-1EC1-4672-941E-098EBC9BDF4F" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert.vde.com/en/advisories/VDE-2023-019/", - "source": "info@cert.vde.com" + "source": "info@cert.vde.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-375xx/CVE-2023-37553.json b/CVE-2023/CVE-2023-375xx/CVE-2023-37553.json index e97d789f521..a55019ed514 100644 --- a/CVE-2023/CVE-2023-375xx/CVE-2023-37553.json +++ b/CVE-2023/CVE-2023-375xx/CVE-2023-37553.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37553", "sourceIdentifier": "info@cert.vde.com", "published": "2023-08-03T12:15:10.443", - "lastModified": "2023-08-03T12:40:03.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T15:43:11.357", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -36,8 +36,18 @@ }, "weaknesses": [ { - "source": "info@cert.vde.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "info@cert.vde.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +56,131 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "80D9DB34-C2BD-441F-B8D9-02EFA27BECD8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "74FE662F-5397-4CB7-9243-1E6ED0AAEC29" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "8896E77C-EB29-4CB9-BC98-D5A34791A961" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "56101551-21ED-4409-9932-9EFA225AF20C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C1239AA8-B094-4DA3-82B7-38F85B6C3940" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C248B53C-3C09-4068-9E57-8F9A4D2B7AD0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C7995687-1BCD-454D-8546-52B80B5F22B0" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "297D8781-B331-40B2-BD34-0041A316D5C8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "09CC9B78-B3B4-4D49-9F23-DC5C80D52588" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "ACDCB65A-1328-422D-99A0-1D0FFE9AC793" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "81E2FE85-347D-42DE-9360-D5DB79AAD085" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "A7DF2418-1EC1-4672-941E-098EBC9BDF4F" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert.vde.com/en/advisories/VDE-2023-019/", - "source": "info@cert.vde.com" + "source": "info@cert.vde.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-375xx/CVE-2023-37554.json b/CVE-2023/CVE-2023-375xx/CVE-2023-37554.json index 193b00b2702..7cea31e5573 100644 --- a/CVE-2023/CVE-2023-375xx/CVE-2023-37554.json +++ b/CVE-2023/CVE-2023-375xx/CVE-2023-37554.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37554", "sourceIdentifier": "info@cert.vde.com", "published": "2023-08-03T12:15:10.530", - "lastModified": "2023-08-03T12:40:03.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T15:43:19.910", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -36,8 +36,18 @@ }, "weaknesses": [ { - "source": "info@cert.vde.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "info@cert.vde.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +56,131 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "80D9DB34-C2BD-441F-B8D9-02EFA27BECD8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "74FE662F-5397-4CB7-9243-1E6ED0AAEC29" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "8896E77C-EB29-4CB9-BC98-D5A34791A961" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "56101551-21ED-4409-9932-9EFA225AF20C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C1239AA8-B094-4DA3-82B7-38F85B6C3940" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C248B53C-3C09-4068-9E57-8F9A4D2B7AD0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C7995687-1BCD-454D-8546-52B80B5F22B0" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "297D8781-B331-40B2-BD34-0041A316D5C8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "09CC9B78-B3B4-4D49-9F23-DC5C80D52588" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "ACDCB65A-1328-422D-99A0-1D0FFE9AC793" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "81E2FE85-347D-42DE-9360-D5DB79AAD085" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "A7DF2418-1EC1-4672-941E-098EBC9BDF4F" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert.vde.com/en/advisories/VDE-2023-019/", - "source": "info@cert.vde.com" + "source": "info@cert.vde.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-375xx/CVE-2023-37555.json b/CVE-2023/CVE-2023-375xx/CVE-2023-37555.json index 0c2c2c2a86b..874aa552926 100644 --- a/CVE-2023/CVE-2023-375xx/CVE-2023-37555.json +++ b/CVE-2023/CVE-2023-375xx/CVE-2023-37555.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37555", "sourceIdentifier": "info@cert.vde.com", "published": "2023-08-03T12:15:10.620", - "lastModified": "2023-08-03T12:40:03.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T15:43:45.413", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -36,8 +36,18 @@ }, "weaknesses": [ { - "source": "info@cert.vde.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "info@cert.vde.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +56,131 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "80D9DB34-C2BD-441F-B8D9-02EFA27BECD8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "74FE662F-5397-4CB7-9243-1E6ED0AAEC29" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "8896E77C-EB29-4CB9-BC98-D5A34791A961" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "56101551-21ED-4409-9932-9EFA225AF20C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C1239AA8-B094-4DA3-82B7-38F85B6C3940" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C248B53C-3C09-4068-9E57-8F9A4D2B7AD0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C7995687-1BCD-454D-8546-52B80B5F22B0" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "297D8781-B331-40B2-BD34-0041A316D5C8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "09CC9B78-B3B4-4D49-9F23-DC5C80D52588" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "ACDCB65A-1328-422D-99A0-1D0FFE9AC793" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "81E2FE85-347D-42DE-9360-D5DB79AAD085" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "A7DF2418-1EC1-4672-941E-098EBC9BDF4F" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert.vde.com/en/advisories/VDE-2023-019/", - "source": "info@cert.vde.com" + "source": "info@cert.vde.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-375xx/CVE-2023-37556.json b/CVE-2023/CVE-2023-375xx/CVE-2023-37556.json index aff4bbf33ac..bbc893c3990 100644 --- a/CVE-2023/CVE-2023-375xx/CVE-2023-37556.json +++ b/CVE-2023/CVE-2023-375xx/CVE-2023-37556.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37556", "sourceIdentifier": "info@cert.vde.com", "published": "2023-08-03T12:15:10.707", - "lastModified": "2023-08-03T12:40:03.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T15:43:29.180", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -36,8 +36,18 @@ }, "weaknesses": [ { - "source": "info@cert.vde.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "info@cert.vde.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +56,131 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "80D9DB34-C2BD-441F-B8D9-02EFA27BECD8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "74FE662F-5397-4CB7-9243-1E6ED0AAEC29" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "8896E77C-EB29-4CB9-BC98-D5A34791A961" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "56101551-21ED-4409-9932-9EFA225AF20C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C1239AA8-B094-4DA3-82B7-38F85B6C3940" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C248B53C-3C09-4068-9E57-8F9A4D2B7AD0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C7995687-1BCD-454D-8546-52B80B5F22B0" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "297D8781-B331-40B2-BD34-0041A316D5C8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "09CC9B78-B3B4-4D49-9F23-DC5C80D52588" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "ACDCB65A-1328-422D-99A0-1D0FFE9AC793" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "81E2FE85-347D-42DE-9360-D5DB79AAD085" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "A7DF2418-1EC1-4672-941E-098EBC9BDF4F" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert.vde.com/en/advisories/VDE-2023-019/", - "source": "info@cert.vde.com" + "source": "info@cert.vde.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-375xx/CVE-2023-37557.json b/CVE-2023/CVE-2023-375xx/CVE-2023-37557.json index 2fd3b66552f..d3027cdc0aa 100644 --- a/CVE-2023/CVE-2023-375xx/CVE-2023-37557.json +++ b/CVE-2023/CVE-2023-375xx/CVE-2023-37557.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37557", "sourceIdentifier": "info@cert.vde.com", "published": "2023-08-03T12:15:10.797", - "lastModified": "2023-08-03T12:40:03.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T15:43:40.077", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,131 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "80D9DB34-C2BD-441F-B8D9-02EFA27BECD8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "74FE662F-5397-4CB7-9243-1E6ED0AAEC29" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "8896E77C-EB29-4CB9-BC98-D5A34791A961" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "56101551-21ED-4409-9932-9EFA225AF20C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C1239AA8-B094-4DA3-82B7-38F85B6C3940" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C248B53C-3C09-4068-9E57-8F9A4D2B7AD0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C7995687-1BCD-454D-8546-52B80B5F22B0" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "297D8781-B331-40B2-BD34-0041A316D5C8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "09CC9B78-B3B4-4D49-9F23-DC5C80D52588" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "ACDCB65A-1328-422D-99A0-1D0FFE9AC793" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "81E2FE85-347D-42DE-9360-D5DB79AAD085" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "A7DF2418-1EC1-4672-941E-098EBC9BDF4F" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert.vde.com/en/advisories/VDE-2023-019/", - "source": "info@cert.vde.com" + "source": "info@cert.vde.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-375xx/CVE-2023-37558.json b/CVE-2023/CVE-2023-375xx/CVE-2023-37558.json index db31e395bfc..96f217c012f 100644 --- a/CVE-2023/CVE-2023-375xx/CVE-2023-37558.json +++ b/CVE-2023/CVE-2023-375xx/CVE-2023-37558.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37558", "sourceIdentifier": "info@cert.vde.com", "published": "2023-08-03T12:15:10.890", - "lastModified": "2023-08-03T12:40:03.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T15:43:58.523", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -36,8 +36,18 @@ }, "weaknesses": [ { - "source": "info@cert.vde.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "info@cert.vde.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +56,131 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "80D9DB34-C2BD-441F-B8D9-02EFA27BECD8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "74FE662F-5397-4CB7-9243-1E6ED0AAEC29" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "8896E77C-EB29-4CB9-BC98-D5A34791A961" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "56101551-21ED-4409-9932-9EFA225AF20C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C1239AA8-B094-4DA3-82B7-38F85B6C3940" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C248B53C-3C09-4068-9E57-8F9A4D2B7AD0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C7995687-1BCD-454D-8546-52B80B5F22B0" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "297D8781-B331-40B2-BD34-0041A316D5C8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "09CC9B78-B3B4-4D49-9F23-DC5C80D52588" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "ACDCB65A-1328-422D-99A0-1D0FFE9AC793" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "81E2FE85-347D-42DE-9360-D5DB79AAD085" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "A7DF2418-1EC1-4672-941E-098EBC9BDF4F" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert.vde.com/en/advisories/VDE-2023-019/", - "source": "info@cert.vde.com" + "source": "info@cert.vde.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-375xx/CVE-2023-37559.json b/CVE-2023/CVE-2023-375xx/CVE-2023-37559.json index 63c0bec6175..0f81c049c98 100644 --- a/CVE-2023/CVE-2023-375xx/CVE-2023-37559.json +++ b/CVE-2023/CVE-2023-375xx/CVE-2023-37559.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37559", "sourceIdentifier": "info@cert.vde.com", "published": "2023-08-03T12:15:10.977", - "lastModified": "2023-08-03T12:40:03.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T15:44:06.563", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -36,8 +36,18 @@ }, "weaknesses": [ { - "source": "info@cert.vde.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "info@cert.vde.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +56,131 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "80D9DB34-C2BD-441F-B8D9-02EFA27BECD8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "74FE662F-5397-4CB7-9243-1E6ED0AAEC29" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "8896E77C-EB29-4CB9-BC98-D5A34791A961" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "56101551-21ED-4409-9932-9EFA225AF20C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C1239AA8-B094-4DA3-82B7-38F85B6C3940" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C248B53C-3C09-4068-9E57-8F9A4D2B7AD0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.0.0", + "matchCriteriaId": "C7995687-1BCD-454D-8546-52B80B5F22B0" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "297D8781-B331-40B2-BD34-0041A316D5C8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "09CC9B78-B3B4-4D49-9F23-DC5C80D52588" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "ACDCB65A-1328-422D-99A0-1D0FFE9AC793" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "81E2FE85-347D-42DE-9360-D5DB79AAD085" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.19.20", + "matchCriteriaId": "A7DF2418-1EC1-4672-941E-098EBC9BDF4F" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert.vde.com/en/advisories/VDE-2023-019/", - "source": "info@cert.vde.com" + "source": "info@cert.vde.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-383xx/CVE-2023-38330.json b/CVE-2023/CVE-2023-383xx/CVE-2023-38330.json index c3fc5cd9743..cc6bbd55ac4 100644 --- a/CVE-2023/CVE-2023-383xx/CVE-2023-38330.json +++ b/CVE-2023/CVE-2023-383xx/CVE-2023-38330.json @@ -2,23 +2,83 @@ "id": "CVE-2023-38330", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-02T15:15:10.813", - "lastModified": "2023-08-02T16:55:04.307", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T15:27:15.263", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "OXID eShop Enterprise Edition 6.5.0 \u2013 6.5.2 before 6.5.3 allows uploading files with modified headers in the administration area. An attacker can upload a file with a modified header to create a HTTP Response Splitting attack." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oxid-esales:eshop:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "6.5.0", + "versionEndExcluding": "6.5.3", + "matchCriteriaId": "6ACFB3E2-42D6-40B1-BA15-00322A7BE2BC" + } + ] + } + ] + } + ], "references": [ { "url": "https://bugs.oxid-esales.com/view.php?id=7479", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://docs.oxid-esales.com/de/security/security-bulletins.html#security-bulletin-2023-002", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-389xx/CVE-2023-38958.json b/CVE-2023/CVE-2023-389xx/CVE-2023-38958.json index fbd986fdb6f..5f9292a2d5b 100644 --- a/CVE-2023/CVE-2023-389xx/CVE-2023-38958.json +++ b/CVE-2023/CVE-2023-389xx/CVE-2023-38958.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38958", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-03T02:15:09.823", - "lastModified": "2023-08-03T12:40:03.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T14:51:10.603", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,15 +14,73 @@ "value": "Un problema de control de acceso en ZKTeco BioAccess IVS v3.3.1 permite a atacantes no autenticados cerrar y abrir de forma arbitraria las puertas gestionadas por la plataforma de forma remota mediante el env\u00edo de una solicitud web manipulada." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zkteco:bioaccess_ivs:3.3.1:*:*:*:*:*:*:*", + "matchCriteriaId": "E5FA70E1-699A-4148-9140-FF80E8E9E1F7" + } + ] + } + ] + } + ], "references": [ { "url": "http://zkteco.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://claroty.com/team82/disclosure-dashboard/cve-2023-38958", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-391xx/CVE-2023-39144.json b/CVE-2023/CVE-2023-391xx/CVE-2023-39144.json index a2071429e56..67d1e550702 100644 --- a/CVE-2023/CVE-2023-391xx/CVE-2023-39144.json +++ b/CVE-2023/CVE-2023-391xx/CVE-2023-39144.json @@ -2,23 +2,83 @@ "id": "CVE-2023-39144", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-03T03:15:10.767", - "lastModified": "2023-08-03T12:40:03.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T14:03:16.777", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Element55 KnowMore appliances version 21 and older was discovered to store passwords in plaintext." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-312" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:element55:knowmore:*:*:*:*:*:*:*:*", + "versionEndExcluding": "22", + "matchCriteriaId": "FC331B50-4ADD-48BA-84A1-1B0AFA89B60E" + } + ] + } + ] + } + ], "references": [ { "url": "https://getknowmore.com/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/cduram/CVE-2023-39144", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-41xx/CVE-2023-4132.json b/CVE-2023/CVE-2023-41xx/CVE-2023-4132.json index 60753e6dde9..a292a2efd19 100644 --- a/CVE-2023/CVE-2023-41xx/CVE-2023-4132.json +++ b/CVE-2023/CVE-2023-41xx/CVE-2023-4132.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4132", "sourceIdentifier": "secalert@redhat.com", "published": "2023-08-03T15:15:32.833", - "lastModified": "2023-08-03T15:37:04.917", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T14:30:07.910", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -34,14 +54,80 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.2.16", + "matchCriteriaId": "BEDE106E-CAA4-49BC-A988-B6EE2B6F5081" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D3FEADDA-2AEE-4F65-9401-971B585664A8" + } + ] + } + ] + } + ], "references": [ { "url": "https://access.redhat.com/security/cve/CVE-2023-4132", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221707", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-41xx/CVE-2023-4133.json b/CVE-2023/CVE-2023-41xx/CVE-2023-4133.json index 5211eaa6c4d..5e6edb3411b 100644 --- a/CVE-2023/CVE-2023-41xx/CVE-2023-4133.json +++ b/CVE-2023/CVE-2023-41xx/CVE-2023-4133.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4133", "sourceIdentifier": "secalert@redhat.com", "published": "2023-08-03T15:15:33.940", - "lastModified": "2023-08-03T15:37:04.917", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-08T14:29:03.127", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -34,14 +54,85 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.3", + "matchCriteriaId": "3769AA63-B0A8-4EF1-96F9-6A6A6B305A02" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", + "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D3FEADDA-2AEE-4F65-9401-971B585664A8" + } + ] + } + ] + } + ], "references": [ { "url": "https://access.redhat.com/security/cve/CVE-2023-4133", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221702", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 2fd558b0e2c..f08d09ac8d2 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-08-08T14:00:33.520996+00:00 +2023-08-08T16:01:35.968767+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-08-08T13:58:19.070000+00:00 +2023-08-08T15:58:49.607000+00:00 ``` ### Last Data Feed Release @@ -29,69 +29,52 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -221977 +221985 ``` ### CVEs added in the last Commit -Recently added CVEs: `30` +Recently added CVEs: `8` -* [CVE-2023-24413](CVE-2023/CVE-2023-244xx/CVE-2023-24413.json) (`2023-08-08T12:15:10.817`) -* [CVE-2023-25063](CVE-2023/CVE-2023-250xx/CVE-2023-25063.json) (`2023-08-08T12:15:10.950`) -* [CVE-2023-25459](CVE-2023/CVE-2023-254xx/CVE-2023-25459.json) (`2023-08-08T12:15:11.077`) -* [CVE-2023-27415](CVE-2023/CVE-2023-274xx/CVE-2023-27415.json) (`2023-08-08T12:15:11.203`) -* [CVE-2023-27627](CVE-2023/CVE-2023-276xx/CVE-2023-27627.json) (`2023-08-08T12:15:11.337`) -* [CVE-2023-37682](CVE-2023/CVE-2023-376xx/CVE-2023-37682.json) (`2023-08-08T12:15:11.477`) -* [CVE-2023-37683](CVE-2023/CVE-2023-376xx/CVE-2023-37683.json) (`2023-08-08T12:15:11.587`) -* [CVE-2023-37684](CVE-2023/CVE-2023-376xx/CVE-2023-37684.json) (`2023-08-08T12:15:11.677`) -* [CVE-2023-37685](CVE-2023/CVE-2023-376xx/CVE-2023-37685.json) (`2023-08-08T12:15:11.773`) -* [CVE-2023-37686](CVE-2023/CVE-2023-376xx/CVE-2023-37686.json) (`2023-08-08T12:15:11.877`) -* [CVE-2023-37687](CVE-2023/CVE-2023-376xx/CVE-2023-37687.json) (`2023-08-08T12:15:11.967`) -* [CVE-2023-37688](CVE-2023/CVE-2023-376xx/CVE-2023-37688.json) (`2023-08-08T12:15:12.077`) -* [CVE-2023-37689](CVE-2023/CVE-2023-376xx/CVE-2023-37689.json) (`2023-08-08T12:15:12.150`) -* [CVE-2023-37690](CVE-2023/CVE-2023-376xx/CVE-2023-37690.json) (`2023-08-08T12:15:12.250`) -* [CVE-2023-3716](CVE-2023/CVE-2023-37xx/CVE-2023-3716.json) (`2023-08-08T12:15:12.417`) -* [CVE-2023-25984](CVE-2023/CVE-2023-259xx/CVE-2023-25984.json) (`2023-08-08T13:15:10.107`) -* [CVE-2023-28773](CVE-2023/CVE-2023-287xx/CVE-2023-28773.json) (`2023-08-08T13:15:10.233`) -* [CVE-2023-28931](CVE-2023/CVE-2023-289xx/CVE-2023-28931.json) (`2023-08-08T13:15:10.330`) -* [CVE-2023-28934](CVE-2023/CVE-2023-289xx/CVE-2023-28934.json) (`2023-08-08T13:15:10.427`) -* [CVE-2023-30482](CVE-2023/CVE-2023-304xx/CVE-2023-30482.json) (`2023-08-08T13:15:10.520`) -* [CVE-2023-31221](CVE-2023/CVE-2023-312xx/CVE-2023-31221.json) (`2023-08-08T13:15:10.617`) -* [CVE-2023-32292](CVE-2023/CVE-2023-322xx/CVE-2023-32292.json) (`2023-08-08T13:15:10.717`) -* [CVE-2023-36546](CVE-2023/CVE-2023-365xx/CVE-2023-36546.json) (`2023-08-08T13:15:10.807`) -* [CVE-2023-38384](CVE-2023/CVE-2023-383xx/CVE-2023-38384.json) (`2023-08-08T13:15:10.870`) -* [CVE-2023-4219](CVE-2023/CVE-2023-42xx/CVE-2023-4219.json) (`2023-08-08T13:15:12.633`) +* [CVE-2023-24698](CVE-2023/CVE-2023-246xx/CVE-2023-24698.json) (`2023-08-08T15:15:09.977`) +* [CVE-2023-2423](CVE-2023/CVE-2023-24xx/CVE-2023-2423.json) (`2023-08-08T15:15:10.163`) +* [CVE-2023-33756](CVE-2023/CVE-2023-337xx/CVE-2023-33756.json) (`2023-08-08T15:15:10.270`) +* [CVE-2023-36136](CVE-2023/CVE-2023-361xx/CVE-2023-36136.json) (`2023-08-08T15:15:10.337`) +* [CVE-2023-36306](CVE-2023/CVE-2023-363xx/CVE-2023-36306.json) (`2023-08-08T15:15:10.400`) +* [CVE-2023-3651](CVE-2023/CVE-2023-36xx/CVE-2023-3651.json) (`2023-08-08T15:15:10.587`) +* [CVE-2023-3652](CVE-2023/CVE-2023-36xx/CVE-2023-3652.json) (`2023-08-08T15:15:10.700`) +* [CVE-2023-3653](CVE-2023/CVE-2023-36xx/CVE-2023-3653.json) (`2023-08-08T15:15:10.817`) ### CVEs modified in the last Commit -Recently modified CVEs: `114` +Recently modified CVEs: `28` -* [CVE-2023-39181](CVE-2023/CVE-2023-391xx/CVE-2023-39181.json) (`2023-08-08T12:51:11.140`) -* [CVE-2023-39182](CVE-2023/CVE-2023-391xx/CVE-2023-39182.json) (`2023-08-08T12:51:11.140`) -* [CVE-2023-39183](CVE-2023/CVE-2023-391xx/CVE-2023-39183.json) (`2023-08-08T12:51:11.140`) -* [CVE-2023-39184](CVE-2023/CVE-2023-391xx/CVE-2023-39184.json) (`2023-08-08T12:51:11.140`) -* [CVE-2023-39185](CVE-2023/CVE-2023-391xx/CVE-2023-39185.json) (`2023-08-08T12:51:11.140`) -* [CVE-2023-39186](CVE-2023/CVE-2023-391xx/CVE-2023-39186.json) (`2023-08-08T12:51:11.140`) -* [CVE-2023-39187](CVE-2023/CVE-2023-391xx/CVE-2023-39187.json) (`2023-08-08T12:51:11.140`) -* [CVE-2023-39188](CVE-2023/CVE-2023-391xx/CVE-2023-39188.json) (`2023-08-08T12:51:11.140`) -* [CVE-2023-39269](CVE-2023/CVE-2023-392xx/CVE-2023-39269.json) (`2023-08-08T12:51:11.140`) -* [CVE-2023-39419](CVE-2023/CVE-2023-394xx/CVE-2023-39419.json) (`2023-08-08T12:51:11.140`) -* [CVE-2023-39549](CVE-2023/CVE-2023-395xx/CVE-2023-39549.json) (`2023-08-08T12:51:11.140`) -* [CVE-2023-27412](CVE-2023/CVE-2023-274xx/CVE-2023-27412.json) (`2023-08-08T12:51:11.140`) -* [CVE-2023-27416](CVE-2023/CVE-2023-274xx/CVE-2023-27416.json) (`2023-08-08T12:51:11.140`) -* [CVE-2023-27421](CVE-2023/CVE-2023-274xx/CVE-2023-27421.json) (`2023-08-08T12:51:11.140`) -* [CVE-2023-27422](CVE-2023/CVE-2023-274xx/CVE-2023-27422.json) (`2023-08-08T12:51:11.140`) -* [CVE-2023-29099](CVE-2023/CVE-2023-290xx/CVE-2023-29099.json) (`2023-08-08T12:51:11.140`) -* [CVE-2023-32503](CVE-2023/CVE-2023-325xx/CVE-2023-32503.json) (`2023-08-08T12:51:11.140`) -* [CVE-2023-36692](CVE-2023/CVE-2023-366xx/CVE-2023-36692.json) (`2023-08-08T12:51:11.140`) -* [CVE-2023-3717](CVE-2023/CVE-2023-37xx/CVE-2023-3717.json) (`2023-08-08T12:51:11.140`) -* [CVE-2023-4202](CVE-2023/CVE-2023-42xx/CVE-2023-4202.json) (`2023-08-08T12:51:11.140`) -* [CVE-2023-4203](CVE-2023/CVE-2023-42xx/CVE-2023-4203.json) (`2023-08-08T12:51:11.140`) -* [CVE-2023-39977](CVE-2023/CVE-2023-399xx/CVE-2023-39977.json) (`2023-08-08T13:15:12.430`) -* [CVE-2023-3268](CVE-2023/CVE-2023-32xx/CVE-2023-3268.json) (`2023-08-08T13:15:12.490`) -* [CVE-2023-1437](CVE-2023/CVE-2023-14xx/CVE-2023-1437.json) (`2023-08-08T13:50:58.210`) -* [CVE-2023-26430](CVE-2023/CVE-2023-264xx/CVE-2023-26430.json) (`2023-08-08T13:58:19.070`) +* [CVE-2023-39144](CVE-2023/CVE-2023-391xx/CVE-2023-39144.json) (`2023-08-08T14:03:16.777`) +* [CVE-2023-22277](CVE-2023/CVE-2023-222xx/CVE-2023-22277.json) (`2023-08-08T14:23:20.550`) +* [CVE-2023-22317](CVE-2023/CVE-2023-223xx/CVE-2023-22317.json) (`2023-08-08T14:23:23.080`) +* [CVE-2023-22314](CVE-2023/CVE-2023-223xx/CVE-2023-22314.json) (`2023-08-08T14:23:35.113`) +* [CVE-2023-4133](CVE-2023/CVE-2023-41xx/CVE-2023-4133.json) (`2023-08-08T14:29:03.127`) +* [CVE-2023-37364](CVE-2023/CVE-2023-373xx/CVE-2023-37364.json) (`2023-08-08T14:29:59.697`) +* [CVE-2023-4132](CVE-2023/CVE-2023-41xx/CVE-2023-4132.json) (`2023-08-08T14:30:07.910`) +* [CVE-2023-37498](CVE-2023/CVE-2023-374xx/CVE-2023-37498.json) (`2023-08-08T14:40:20.647`) +* [CVE-2023-34196](CVE-2023/CVE-2023-341xx/CVE-2023-34196.json) (`2023-08-08T14:42:28.803`) +* [CVE-2023-37497](CVE-2023/CVE-2023-374xx/CVE-2023-37497.json) (`2023-08-08T14:49:09.140`) +* [CVE-2023-38958](CVE-2023/CVE-2023-389xx/CVE-2023-38958.json) (`2023-08-08T14:51:10.603`) +* [CVE-2023-36480](CVE-2023/CVE-2023-364xx/CVE-2023-36480.json) (`2023-08-08T15:15:10.467`) +* [CVE-2023-38330](CVE-2023/CVE-2023-383xx/CVE-2023-38330.json) (`2023-08-08T15:27:15.263`) +* [CVE-2023-37551](CVE-2023/CVE-2023-375xx/CVE-2023-37551.json) (`2023-08-08T15:42:44.287`) +* [CVE-2023-37552](CVE-2023/CVE-2023-375xx/CVE-2023-37552.json) (`2023-08-08T15:43:03.593`) +* [CVE-2023-37553](CVE-2023/CVE-2023-375xx/CVE-2023-37553.json) (`2023-08-08T15:43:11.357`) +* [CVE-2023-37554](CVE-2023/CVE-2023-375xx/CVE-2023-37554.json) (`2023-08-08T15:43:19.910`) +* [CVE-2023-37556](CVE-2023/CVE-2023-375xx/CVE-2023-37556.json) (`2023-08-08T15:43:29.180`) +* [CVE-2023-37557](CVE-2023/CVE-2023-375xx/CVE-2023-37557.json) (`2023-08-08T15:43:40.077`) +* [CVE-2023-37555](CVE-2023/CVE-2023-375xx/CVE-2023-37555.json) (`2023-08-08T15:43:45.413`) +* [CVE-2023-3663](CVE-2023/CVE-2023-36xx/CVE-2023-3663.json) (`2023-08-08T15:43:48.747`) +* [CVE-2023-37558](CVE-2023/CVE-2023-375xx/CVE-2023-37558.json) (`2023-08-08T15:43:58.523`) +* [CVE-2023-37559](CVE-2023/CVE-2023-375xx/CVE-2023-37559.json) (`2023-08-08T15:44:06.563`) +* [CVE-2023-3662](CVE-2023/CVE-2023-36xx/CVE-2023-3662.json) (`2023-08-08T15:44:56.483`) +* [CVE-2023-25600](CVE-2023/CVE-2023-256xx/CVE-2023-25600.json) (`2023-08-08T15:58:49.607`) ## Download and Usage