From 9efd05a2f9736ff0a8b53655c883f2b2ff1ad9db Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ren=C3=A9=20Helmke?=
Date: Wed, 26 Apr 2023 12:00:27 +0200
Subject: [PATCH] Auto-Update: 2023-04-26T10:00:24.075044+00:00
---
CVE-2023/CVE-2023-22xx/CVE-2023-2273.json | 55 +++++++++++++++++++++++
README.md | 12 ++---
2 files changed, 61 insertions(+), 6 deletions(-)
create mode 100644 CVE-2023/CVE-2023-22xx/CVE-2023-2273.json
diff --git a/CVE-2023/CVE-2023-22xx/CVE-2023-2273.json b/CVE-2023/CVE-2023-22xx/CVE-2023-2273.json
new file mode 100644
index 00000000000..5aef90a473f
--- /dev/null
+++ b/CVE-2023/CVE-2023-22xx/CVE-2023-2273.json
@@ -0,0 +1,55 @@
+{
+ "id": "CVE-2023-2273",
+ "sourceIdentifier": "cve@rapid7.con",
+ "published": "2023-04-26T09:15:09.117",
+ "lastModified": "2023-04-26T09:15:09.117",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "Rapid7 Insight Agent token handler versions 3.2.6 and below, suffer from a Directory Traversal vulnerability whereby unsanitized input from a CLI argument flows into io.ioutil.WriteFile, where it is used as a path. This can result in a Path Traversal vulnerability and allow an attacker to write arbitrary files. This issue is remediated in version 3.3.0 via safe guards that reject inputs that attempt to do path traversal."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "cve@rapid7.con",
+ "type": "Secondary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
+ "attackVector": "NETWORK",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "NONE",
+ "userInteraction": "NONE",
+ "scope": "CHANGED",
+ "confidentialityImpact": "LOW",
+ "integrityImpact": "NONE",
+ "availabilityImpact": "NONE",
+ "baseScore": 5.8,
+ "baseSeverity": "MEDIUM"
+ },
+ "exploitabilityScore": 3.9,
+ "impactScore": 1.4
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "cve@rapid7.con",
+ "type": "Secondary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-22"
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "https://docs.rapid7.com/release-notes/insightagent/20230425/",
+ "source": "cve@rapid7.con"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/README.md b/README.md
index 99f60ee6e33..ae67aeaaf07 100644
--- a/README.md
+++ b/README.md
@@ -9,13 +9,13 @@ Repository synchronizes with the NVD in 2 hour periods. ### Last repository update ```plain -2023-04-26T08:00:09.444056+00:00 +2023-04-26T10:00:24.075044+00:00 ``` ### Most recent CVE modification timestamp synchronized with NVD ```plain -2023-04-26T06:15:09.283000+00:00 +2023-04-26T09:15:09.117000+00:00 ``` ### Last Data Feed release @@ -23,20 +23,20 @@ Repository synchronizes with the NVD in 2 hour periods. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-datafeeds/releases/latest) ```plain -2023-04-25T22:00:21.008144+00:00 +2023-04-26T08:04:06.457730+00:00 ``` ### Total numbers of included CVEs -```plain -213578 +```plai#n +213579 ``` ### CVEs added in the last commit Recently added CVEs: `1` -* CVE-2023-2294 (*2023-04-26T06:15:09.283*) +* CVE-2023-2273 (*2023-04-26T09:15:09.117*) ### CVEs modified in the last commit