From 9adf2b325924dad1e46f6b0dca743645b89b5d1f Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Sat, 4 May 2024 16:03:27 +0000 Subject: [PATCH] Auto-Update: 2024-05-04T16:00:37.497849+00:00 --- CVE-2023/CVE-2023-272xx/CVE-2023-27283.json | 59 +++++++++++++++++++++ CVE-2024/CVE-2024-272xx/CVE-2024-27268.json | 6 ++- README.md | 14 ++--- _state.csv | 7 +-- 4 files changed, 75 insertions(+), 11 deletions(-) create mode 100644 CVE-2023/CVE-2023-272xx/CVE-2023-27283.json diff --git a/CVE-2023/CVE-2023-272xx/CVE-2023-27283.json b/CVE-2023/CVE-2023-272xx/CVE-2023-27283.json new file mode 100644 index 00000000000..4e84348e71d --- /dev/null +++ b/CVE-2023/CVE-2023-272xx/CVE-2023-27283.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-27283", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2024-05-04T14:16:01.720", + "lastModified": "2024-05-04T14:16:01.720", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "IBM Aspera Orchestrator 4.0.1 could allow a remote attacker to enumerate usernames due to observable response discrepancies. IBM X-Force ID: 248545." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-204" + } + ] + } + ], + "references": [ + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/248545", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/7150191", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27268.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27268.json index 60fcd7d0168..70164b342f2 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27268.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27268.json @@ -2,7 +2,7 @@ "id": "CVE-2024-27268", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-04-04T18:15:13.823", - "lastModified": "2024-04-04T19:24:50.670", + "lastModified": "2024-05-04T14:16:02.520", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -58,6 +58,10 @@ { "url": "https://www.ibm.com/support/pages/node/7145809", "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.kb.cert.org/vuls/id/421644", + "source": "psirt@us.ibm.com" } ] } \ No newline at end of file diff --git a/README.md b/README.md index c7fff29feea..f34fdd5a182 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-05-04T10:00:37.429866+00:00 +2024-05-04T16:00:37.497849+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-05-04T08:15:06.840000+00:00 +2024-05-04T14:16:02.520000+00:00 ``` ### Last Data Feed Release @@ -33,21 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -248593 +248594 ``` ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `1` -- [CVE-2023-7065](CVE-2023/CVE-2023-70xx/CVE-2023-7065.json) (`2024-05-04T08:15:06.550`) -- [CVE-2024-1050](CVE-2024/CVE-2024-10xx/CVE-2024-1050.json) (`2024-05-04T08:15:06.840`) +- [CVE-2023-27283](CVE-2023/CVE-2023-272xx/CVE-2023-27283.json) (`2024-05-04T14:16:01.720`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `1` +- [CVE-2024-27268](CVE-2024/CVE-2024-272xx/CVE-2024-27268.json) (`2024-05-04T14:16:02.520`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 5e37300abfe..cff49baffe7 100644 --- a/_state.csv +++ b/_state.csv @@ -219410,6 +219410,7 @@ CVE-2023-27270,0,0,873b18317dd4ac8c2f14a680e317a5a118f55cbcefa336562dbe954494beb CVE-2023-27271,0,0,8284844bf54cfd7bb4b678b90b0b8d85d858a5b3740ed957d4803d0fc25fb260,2023-04-11T21:15:22.050000 CVE-2023-27279,0,0,b5e9a98cf2207b76577df8fe463bfe0ba477c1b00fe06cf57810d06b6ab300b6,2024-04-29T19:57:46.897000 CVE-2023-2728,0,0,db4263098f8eea9bcf6dd650f5ebddd0e9c3582204469ef5971950edb75348d8,2023-08-03T15:15:22.860000 +CVE-2023-27283,1,1,732c57a977e1512ee63ade2a9c5610935edcfb96a41530369fe961790ad75831,2024-05-04T14:16:01.720000 CVE-2023-27284,0,0,201c1001467e80a713ebd50b41380341ad696419bb825fa68fa9c23432b68099,2023-11-07T04:09:53.547000 CVE-2023-27285,0,0,f2131cd2d571ca0dee7084ef79c8b6e195afd2f889d689a9d309344d12c56ae1,2023-06-09T23:02:39.303000 CVE-2023-27286,0,0,6a4ae5f12329a5eb3831bf43883435d49e58fb807fd96ffb822f1d7cbc528ad9,2023-11-07T04:09:53.663000 @@ -239099,7 +239100,7 @@ CVE-2023-7059,0,0,b6a0dfdf81e1ca56ef4b0edf4432ab50e1975e98e831e1cf3171374b75dbda CVE-2023-7060,0,0,870c4c6f56986f33349af68dd953c9d20d9666a23a3fcc4c635253c7bfdfd579,2024-03-17T22:38:29.433000 CVE-2023-7063,0,0,b4ea8b21168c95c8af14241fc9e5a2534b49b7e49280bde929827672bda636ed,2024-01-30T23:02:10.287000 CVE-2023-7064,0,0,8841b451446bda90f5d1b860898f9f16106d5b125599e60a20a774054b7927b1,2024-05-02T18:00:37.360000 -CVE-2023-7065,1,1,49371ee15ae23d9fc7a3cbc55a4ca7d9b0d767ca711e2847b3cb900797332252,2024-05-04T08:15:06.550000 +CVE-2023-7065,0,0,49371ee15ae23d9fc7a3cbc55a4ca7d9b0d767ca711e2847b3cb900797332252,2024-05-04T08:15:06.550000 CVE-2023-7067,0,0,a350dd31186102716b3efb773999c9f71f57b3259c75b00fd6977a38349b2a64,2024-05-02T18:00:37.360000 CVE-2023-7068,0,0,ef1408f6c6fd79c5af19d0633c8238c454cea54fd087b8b89da5773f13dad91a,2024-01-09T20:19:48.597000 CVE-2023-7069,0,0,76accaf19ff7061689b623859471b6167bfd5be5c4040f161f8f881f1093dc5f,2024-02-07T16:28:40.250000 @@ -240104,7 +240105,7 @@ CVE-2024-1046,0,0,04593d809e4dc181ec893504bde5771d15890d7d13ac640142c747dade4cf5 CVE-2024-1047,0,0,e96e7a026577614e85a9cd48b2c7dde028c96bb69e07a747ad9c4e24f36cb0c3,2024-02-08T14:20:23.387000 CVE-2024-1048,0,0,495c8467c0a7d4a693fb459e641fac11f8ccad823f21cf005924b6f372488011,2024-04-30T14:15:14.463000 CVE-2024-1049,0,0,702f1183a27878b714f97a3e0cfdf1563c3306eb8a17f785c7b1a1586e029403,2024-03-25T01:51:01.223000 -CVE-2024-1050,1,1,c2e5358ea8345aa777934986ebe1975868e8e6909986c16ffdffd23593ca3b93,2024-05-04T08:15:06.840000 +CVE-2024-1050,0,0,c2e5358ea8345aa777934986ebe1975868e8e6909986c16ffdffd23593ca3b93,2024-05-04T08:15:06.840000 CVE-2024-1051,0,0,9345c0a6e775599660e2c0fec1004a4350e5763beb3848cc0939db67ee25aa7d,2024-04-01T01:12:59.077000 CVE-2024-1052,0,0,cf5f5c6bda7a4876cbb6b2b3fc9e6319f0131320e8b68a9cc322eb9aae681763,2024-02-15T18:49:40.180000 CVE-2024-1053,0,0,47a983161efc38cb28d2682fa08d2baacc5d0ed2824df2057fa217999f12681f,2024-02-22T19:07:27.197000 @@ -245029,7 +245030,7 @@ CVE-2024-2726,0,0,86fe8b0d397a8074a2c940021570750a55036cbee3d4d8f0a542dcc682e4af CVE-2024-27261,0,0,bbed66d7d6087a4518d3eea41ca0d4f2f5d3d3e2b2ec24c87084c9ef60c5b4e2,2024-04-15T13:15:51.577000 CVE-2024-27265,0,0,caf2cbef481f9d0206d06f75a38ca052c5291ba0582e91875cea8f52e6d86a34,2024-03-19T16:52:02.767000 CVE-2024-27266,0,0,f3ab0f27c5fbbc81843b4329fa53134d5b91174cad9bacbbc5dbf01cfacc3864,2024-03-19T16:52:35.400000 -CVE-2024-27268,0,0,210225d282a1e587fa6b89b65331c3c6b0e4c4199f9cccf337b46202df5cd5cd,2024-04-04T19:24:50.670000 +CVE-2024-27268,0,1,5ee3875e7ce23e0a22f3973d639f8ec37762f6a4d7ebf553d0b8d456239df178,2024-05-04T14:16:02.520000 CVE-2024-2727,0,0,958214357d5cfc59c51fd0300fa3ab5e09b0479b417a5156cb98159538007f76,2024-03-22T15:34:43.663000 CVE-2024-27270,0,0,90fac36f214c0b31b291ee9cc7c1398845637888710e65e72962c5636284122e,2024-03-27T15:49:51.300000 CVE-2024-27277,0,0,6c09ef572e665868238fb6d81d7d941702112e8d7fb954bfa230fe4edfeb437e,2024-03-21T19:47:03.943000