Auto-Update: 2024-12-10T05:00:26.603480+00:00

CVE-2024/CVE-2024-371xx/CVE-2024-37143.json

@@ -0,0 +1,56 @@
+{
+  "id": "CVE-2024-37143",
+  "sourceIdentifier": "security_alert@emc.com",
+  "published": "2024-12-10T03:15:05.573",
+  "lastModified": "2024-12-10T03:15:05.573",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versions prior to RCM 3.8.1.0 (for RCM 3.8.x train) and prior to RCM 3.7.6.0 (for RCM 3.7.x train), Dell PowerFlex custom node using PowerFlex Manager versions prior to 4.6.1.0, Dell InsightIQ versions prior to 5.1.1, and Dell Data Lakehouse versions prior to 1.2.0.0 contain an Improper Link Resolution Before File Access vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to execute arbitrary code on the system."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security_alert@emc.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
+          "baseScore": 10.0,
+          "baseSeverity": "CRITICAL",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 6.0
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security_alert@emc.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-59"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.dell.com/support/kbdoc/en-us/000258342/dsa-2024-405-security-update-for-dell-products-for-multiple-vulnerabilities",
+      "source": "security_alert@emc.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-371xx/CVE-2024-37144.json

@@ -0,0 +1,56 @@
+{
+  "id": "CVE-2024-37144",
+  "sourceIdentifier": "security_alert@emc.com",
+  "published": "2024-12-10T03:15:05.730",
+  "lastModified": "2024-12-10T03:15:05.730",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versions prior to RCM 3.8.1.0 (for RCM 3.8.x train) and prior to RCM 3.7.6.0 (for RCM 3.7.x train), Dell PowerFlex custom node using PowerFlex Manager versions prior to 4.6.1.0, Dell InsightIQ versions prior to 5.1.1, and Dell Data Lakehouse versions prior to 1.2.0.0 contain an Insecure Storage of Sensitive Information vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to information disclosure. The attacker may be able to use information disclosed to gain unauthorized access to pods within the cluster."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security_alert@emc.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
+          "baseScore": 8.2,
+          "baseSeverity": "HIGH",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 1.5,
+        "impactScore": 6.0
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security_alert@emc.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-922"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.dell.com/support/kbdoc/en-us/000258342/dsa-2024-405-security-update-for-dell-products-for-multiple-vulnerabilities",
+      "source": "security_alert@emc.com"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-12-10T03:00:40.987361+00:00
+2024-12-10T05:00:26.603480+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-12-10T02:15:17.350000+00:00
+2024-12-10T03:15:05.730000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,26 +33,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-272903
+272905
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `13`
+Recently added CVEs: `2`
 
-- [CVE-2024-32732](CVE-2024/CVE-2024-327xx/CVE-2024-32732.json) (`2024-12-10T01:15:05.130`)
-- [CVE-2024-47576](CVE-2024/CVE-2024-475xx/CVE-2024-47576.json) (`2024-12-10T01:15:05.340`)
-- [CVE-2024-47577](CVE-2024/CVE-2024-475xx/CVE-2024-47577.json) (`2024-12-10T01:15:05.500`)
-- [CVE-2024-47578](CVE-2024/CVE-2024-475xx/CVE-2024-47578.json) (`2024-12-10T01:15:05.660`)
-- [CVE-2024-47579](CVE-2024/CVE-2024-475xx/CVE-2024-47579.json) (`2024-12-10T01:15:05.817`)
-- [CVE-2024-47580](CVE-2024/CVE-2024-475xx/CVE-2024-47580.json) (`2024-12-10T01:15:05.973`)
-- [CVE-2024-47581](CVE-2024/CVE-2024-475xx/CVE-2024-47581.json) (`2024-12-10T01:15:06.127`)
-- [CVE-2024-47582](CVE-2024/CVE-2024-475xx/CVE-2024-47582.json) (`2024-12-10T01:15:06.280`)
-- [CVE-2024-47585](CVE-2024/CVE-2024-475xx/CVE-2024-47585.json) (`2024-12-10T01:15:06.437`)
-- [CVE-2024-53552](CVE-2024/CVE-2024-535xx/CVE-2024-53552.json) (`2024-12-10T02:15:17.177`)
-- [CVE-2024-53919](CVE-2024/CVE-2024-539xx/CVE-2024-53919.json) (`2024-12-10T02:15:17.350`)
-- [CVE-2024-54197](CVE-2024/CVE-2024-541xx/CVE-2024-54197.json) (`2024-12-10T01:15:06.573`)
-- [CVE-2024-54198](CVE-2024/CVE-2024-541xx/CVE-2024-54198.json) (`2024-12-10T01:15:06.713`)
+- [CVE-2024-37143](CVE-2024/CVE-2024-371xx/CVE-2024-37143.json) (`2024-12-10T03:15:05.573`)
+- [CVE-2024-37144](CVE-2024/CVE-2024-371xx/CVE-2024-37144.json) (`2024-12-10T03:15:05.730`)
 
 
 ### CVEs modified in the last Commit

_state.csv

@@ -254721,7 +254721,7 @@ CVE-2024-32728,0,0,81caa7a89bf8532b35bdcaed4aab1a08873f5292d326962ea6bfb888dbfd7
 CVE-2024-3273,0,0,e3e44b9a3a4ea2b228a7dfbca83bbc951e933501bb1dadf04b2691f25d37a328,2024-11-29T16:45:55.877000
 CVE-2024-32730,0,0,695fe6159fd605a6845d16b78c3f6855eef5716afa3f795f725476c7daf05e8f,2024-11-21T09:15:35.087000
 CVE-2024-32731,0,0,69cb7dd2c9b2dd11f893852362754456797fadd3be950b10a4aa67de88f5cb27,2024-11-21T09:15:35.287000
-CVE-2024-32732,1,1,2abefedb866e03e930c6cecd4bdedcc0408e2be426eacc41b761894fd6a0505f,2024-12-10T01:15:05.130000
+CVE-2024-32732,0,0,2abefedb866e03e930c6cecd4bdedcc0408e2be426eacc41b761894fd6a0505f,2024-12-10T01:15:05.130000
 CVE-2024-32733,0,0,5597a6e2c7884a2a3a07513fd6db9896548f5937bc0cc925de3838f3927d04fb,2024-11-21T09:15:35.440000
 CVE-2024-32735,0,0,e1c08764f84c170f6816869f2f759e0ed4cfc5599ca4087c587451b5feee6e06,2024-11-21T09:15:35.573000
 CVE-2024-32736,0,0,9538fbfa50dcd18099ee1130d68a97ab8d3c894f0ac901be4945f15496c1f622,2024-11-21T09:15:35.723000
@@ -258035,6 +258035,8 @@ CVE-2024-3714,0,0,f676f6aa3ea80163642b838ffc97366c6fd524d90413d89a27ae0fc5ef93d7
 CVE-2024-37140,0,0,e700dd8384686d59dc63698202c3202f899bcb254f2d0eb9c74ca4033afecdba,2024-11-21T09:23:17.183000
 CVE-2024-37141,0,0,ae07fdaf87c77dab376805804e1ae07d27c9caece9a648abb6d885d50da32cfd,2024-11-21T09:23:17.330000
 CVE-2024-37142,0,0,ddd4b85467c476513b25ea1c7c51f99cf08d5897ed43ab32a6a1b6b42be3ce3f,2024-08-08T21:17:18.647000
+CVE-2024-37143,1,1,197a2ae24481b5df4a85f280765bfb423d644b171a85bf1c1de77136a25586c0,2024-12-10T03:15:05.573000
+CVE-2024-37144,1,1,0a6d44cc6e0bc4c6ee1c6afa759b76576c3296205fae6b9f1280e3c48e02fe9f,2024-12-10T03:15:05.730000
 CVE-2024-37145,0,0,603e250630d8db36a65f2b32fc29bd909465783da4a4b9d605a69590653a4715,2024-11-21T09:23:17.597000
 CVE-2024-37146,0,0,e821fd740200ae8a142c50ef5c7f6d74765fdc916fffef75517e92f79dcfc790,2024-11-21T09:23:17.743000
 CVE-2024-37147,0,0,e8fb4db1994b2c8bec137eabef82837caa49013082af624f15b2d9e32283c316,2024-11-21T09:23:17.880000
@@ -265198,15 +265200,15 @@ CVE-2024-47565,0,0,36b5b2774ba0114a0b6b38d7c3f6e740ed1cceb643a386f25a7f0a47c8719
 CVE-2024-4757,0,0,8725ef836161b110d22ecb4616862fd191a65a364176246ebd41f0c649a57c8e,2024-11-21T09:43:32.290000
 CVE-2024-47574,0,0,b053f693b774c7953ae85400600819c5392a7ad8eccc8a3cd4089d5ddc67765d,2024-11-13T17:01:16.850000
 CVE-2024-47575,0,0,8a9e09b118d95daf165d3ea923803180c001f61012a5c234044b57c730876d25,2024-11-08T21:16:28.987000
-CVE-2024-47576,1,1,7822028e56eb1097a24ad34055869132253e944cc316de615377d86c2be11372,2024-12-10T01:15:05.340000
-CVE-2024-47577,1,1,98a023bf5cf54fc2e0ea443b4eb3b9c608d0863d146ef4e7207fafc4de1704d2,2024-12-10T01:15:05.500000
-CVE-2024-47578,1,1,60cf6c7cc344044ccbcb5e0fdecbb112cf6988080c5725b2e2561a61f9575100,2024-12-10T01:15:05.660000
-CVE-2024-47579,1,1,527ef67ad3c28cb74a0b62500323e74e5438a3eb19f95cf8fc9790bd5b396a51,2024-12-10T01:15:05.817000
+CVE-2024-47576,0,0,7822028e56eb1097a24ad34055869132253e944cc316de615377d86c2be11372,2024-12-10T01:15:05.340000
+CVE-2024-47577,0,0,98a023bf5cf54fc2e0ea443b4eb3b9c608d0863d146ef4e7207fafc4de1704d2,2024-12-10T01:15:05.500000
+CVE-2024-47578,0,0,60cf6c7cc344044ccbcb5e0fdecbb112cf6988080c5725b2e2561a61f9575100,2024-12-10T01:15:05.660000
+CVE-2024-47579,0,0,527ef67ad3c28cb74a0b62500323e74e5438a3eb19f95cf8fc9790bd5b396a51,2024-12-10T01:15:05.817000
 CVE-2024-4758,0,0,d41e2da8f56a81141c1d6a26b4d8b4813160d32bcb6e1fbad9c330dae3386b31,2024-11-21T09:43:32.473000
-CVE-2024-47580,1,1,7254699edac35a0ce23bb416d621432f700224e27ec99df8f8076ea8cff68864,2024-12-10T01:15:05.973000
-CVE-2024-47581,1,1,35acd1c4609482910fd137201ca7f4ec877d8aec0624e24f4b11387416c61a37,2024-12-10T01:15:06.127000
-CVE-2024-47582,1,1,30aae65a321b11c25d959c0e88f0f6a6e3528b63c339fd711c3666f0bf3dc91b,2024-12-10T01:15:06.280000
-CVE-2024-47585,1,1,7f38d1223356d1c7e143017acd962275b046c9087dc31405a5136919f60cb1bb,2024-12-10T01:15:06.437000
+CVE-2024-47580,0,0,7254699edac35a0ce23bb416d621432f700224e27ec99df8f8076ea8cff68864,2024-12-10T01:15:05.973000
+CVE-2024-47581,0,0,35acd1c4609482910fd137201ca7f4ec877d8aec0624e24f4b11387416c61a37,2024-12-10T01:15:06.127000
+CVE-2024-47582,0,0,30aae65a321b11c25d959c0e88f0f6a6e3528b63c339fd711c3666f0bf3dc91b,2024-12-10T01:15:06.280000
+CVE-2024-47585,0,0,7f38d1223356d1c7e143017acd962275b046c9087dc31405a5136919f60cb1bb,2024-12-10T01:15:06.437000
 CVE-2024-47586,0,0,4ceb7953030e3fa234dd1ba1a87029a0617b44243d9af99d6b7250030adfbb80,2024-11-12T13:55:21.227000
 CVE-2024-47587,0,0,d83d9507cb06d4cc8a25cf79772e753bfaeba0cd124c6337e7b89292c2b49e6c,2024-11-12T13:55:21.227000
 CVE-2024-47588,0,0,cb2939022f262ddc597473e468c8079493a059f6ca91972a8e3c0fa593d27e95,2024-11-12T13:55:21.227000
@@ -268685,7 +268687,7 @@ CVE-2024-53523,0,0,f6c4b1b131340f304393c7e2660d3f777adfa845ef58c906f19150ea50850
 CVE-2024-5353,0,0,797e03a5615e2bede928ac816012d8783c471de5bd74a0480881887afd7a657a,2024-11-21T09:47:28.863000
 CVE-2024-5354,0,0,e179ff0fdd33289a32ca4c68c73a51c0aa8ddee9c94944cd1d4fd7185f36a76c,2024-11-21T09:47:28.997000
 CVE-2024-5355,0,0,5ae56d862872a5268a44df2d0e26a54aa307acbf5ff2835727472c989e377b6d,2024-11-21T09:47:29.130000
-CVE-2024-53552,1,1,41ac72dbe5c5585c65e69b7f2466cd08184456c3154d29b8e54edba0fc0cdf66,2024-12-10T02:15:17.177000
+CVE-2024-53552,0,0,41ac72dbe5c5585c65e69b7f2466cd08184456c3154d29b8e54edba0fc0cdf66,2024-12-10T02:15:17.177000
 CVE-2024-53554,0,0,21a54d7bc341c058102c672add5c6a39faba0998e6b5d3050bab27868ab5983b,2024-11-26T16:15:18.520000
 CVE-2024-53555,0,0,98c9cd71300d5c5a0ee8cfe56c2efb641372e5ee4508b44193ca67680ed7c7bd,2024-11-26T21:15:08.560000
 CVE-2024-53556,0,0,197a1e9e5d0cdfa43597989d9978403511315370ea045225b596c7a587a5fd41,2024-11-27T17:15:14.917000
@@ -268896,7 +268898,7 @@ CVE-2024-53913,0,0,f29eb48b3cfa8a7826d6fe7adbaf2bce87f89a85e25f58c699946a9277a37
 CVE-2024-53914,0,0,e050babf2e1b2fa263009de5875d826c83245812f4e7813c8d122d68332fd2a8,2024-11-29T20:55:35.293000
 CVE-2024-53915,0,0,4605c52b83221ae0e3cdd10a9aad63d660542ba26783410343eed38f4ba2ed72,2024-11-29T20:55:43.810000
 CVE-2024-53916,0,0,7468505b685e2683f2dc63bcafcc06191cbfc06c9d73791b1fbe8d39601d18c5,2024-12-04T22:15:22.840000
-CVE-2024-53919,1,1,6cbcd518b1e1f9a5fb4869614bc06933366b57d9807437a88c8a97dc209fb0b6,2024-12-10T02:15:17.350000
+CVE-2024-53919,0,0,6cbcd518b1e1f9a5fb4869614bc06933366b57d9807437a88c8a97dc209fb0b6,2024-12-10T02:15:17.350000
 CVE-2024-5392,0,0,6be8d0f4dc47d176328e011891583492739b095279f214844a12528377250390,2024-11-21T09:47:33.860000
 CVE-2024-53920,0,0,a291ce56b664f688b2d6f36f512bf0b737cf558f95f0af0d70bd1b3310ba1ecf,2024-12-02T17:15:13.913000
 CVE-2024-53921,0,0,80ba8805361036f43b4514262b685ccd25900644ea805da6dca5ed5b14f2db17,2024-12-03T20:15:16.153000
@@ -268984,8 +268986,8 @@ CVE-2024-5416,0,0,2cc8eb5abc95e0327999359a16ced825b9a25c50e0044d232fce1c6bda48c6
 CVE-2024-5417,0,0,2c092c55b8a1a8c8890a1e4546beb75d8fbd37f20d02cbd8444692608bc2553d,2024-10-07T15:44:01.830000
 CVE-2024-5418,0,0,c3b6dacc234cf8a9c6de6913d07caa1810e24ada600d2b1f8edeb26c6b62184b,2024-11-21T09:47:36.970000
 CVE-2024-5419,0,0,bf78f58706f13dc16fbd00574fc12a2ad63186889150404f7c80cf6aaa4041da,2024-11-21T09:47:37.083000
-CVE-2024-54197,1,1,84512704efd8cf5928b6e97a966e4c26eba1bfe5b0a3d66a9012ed6786ae6df9,2024-12-10T01:15:06.573000
-CVE-2024-54198,1,1,5d8cd2869390636390e734d33c92e761670cb82009a7c3c895b3144d345fb18f,2024-12-10T01:15:06.713000
+CVE-2024-54197,0,0,84512704efd8cf5928b6e97a966e4c26eba1bfe5b0a3d66a9012ed6786ae6df9,2024-12-10T01:15:06.573000
+CVE-2024-54198,0,0,5d8cd2869390636390e734d33c92e761670cb82009a7c3c895b3144d345fb18f,2024-12-10T01:15:06.713000
 CVE-2024-5420,0,0,dbefceaecf14c94a5632c30e286eaf19c84cd096f95c11f7fef61c799e73a7ec,2024-11-21T09:47:37.207000
 CVE-2024-54205,0,0,ab4a813251a431eef4b691df34351928c648fb61652f1d094b5af65c4a956a0d,2024-12-06T14:15:25.220000
 CVE-2024-54206,0,0,d63be3e6d6e9f23f822343d5cd6ad1b64f490230e61d57b5eab9ded76a5db72a,2024-12-06T14:15:25.357000