diff --git a/CVE-2021/CVE-2021-322xx/CVE-2021-32292.json b/CVE-2021/CVE-2021-322xx/CVE-2021-32292.json index 2d9e765ddeb..1b4db718df2 100644 --- a/CVE-2021/CVE-2021-322xx/CVE-2021-32292.json +++ b/CVE-2021/CVE-2021-322xx/CVE-2021-32292.json @@ -2,12 +2,12 @@ "id": "CVE-2021-32292", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-22T19:16:20.350", - "lastModified": "2023-08-31T04:15:10.147", + "lastModified": "2023-09-14T21:15:09.633", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An issue was discovered in json-c through 0.15-20200726. A stack-buffer-overflow exists in the function parseit located in json_parse.c. It allows an attacker to cause code Execution." + "value": "An issue was discovered in json-c from 20200420 (post 0.14 unreleased code) through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program json_parse which is located in the function parseit." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-238xx/CVE-2023-23842.json b/CVE-2023/CVE-2023-238xx/CVE-2023-23842.json index c9a7f887f72..7a556c2a14b 100644 --- a/CVE-2023/CVE-2023-238xx/CVE-2023-23842.json +++ b/CVE-2023/CVE-2023-238xx/CVE-2023-23842.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23842", "sourceIdentifier": "psirt@solarwinds.com", "published": "2023-07-26T15:15:10.167", - "lastModified": "2023-08-03T13:49:06.190", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-14T20:15:09.147", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -13,7 +13,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "psirt@solarwinds.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -33,12 +33,12 @@ "impactScore": 5.9 }, { - "source": "psirt@solarwinds.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", - "attackVector": "ADJACENT_NETWORK", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", @@ -46,17 +46,17 @@ "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", - "baseScore": 6.8, - "baseSeverity": "MEDIUM" + "baseScore": 7.2, + "baseSeverity": "HIGH" }, - "exploitabilityScore": 0.9, + "exploitabilityScore": 1.2, "impactScore": 5.9 } ] }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "psirt@solarwinds.com", "type": "Primary", "description": [ { @@ -66,7 +66,7 @@ ] }, { - "source": "psirt@solarwinds.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { diff --git a/CVE-2023/CVE-2023-255xx/CVE-2023-25584.json b/CVE-2023/CVE-2023-255xx/CVE-2023-25584.json new file mode 100644 index 00000000000..ecc5d1befd0 --- /dev/null +++ b/CVE-2023/CVE-2023-255xx/CVE-2023-25584.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-25584", + "sourceIdentifier": "secalert@redhat.com", + "published": "2023-09-14T21:15:10.023", + "lastModified": "2023-09-14T21:15:10.023", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An out-of-bounds read flaw was found in the parse_module function in bfd/vms-alpha.c in Binutils." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.0, + "impactScore": 5.2 + } + ] + }, + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2023-25584", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167467", + "source": "secalert@redhat.com" + }, + { + "url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=77c225bdeb410cf60da804879ad41622f5f1aa44", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-255xx/CVE-2023-25585.json b/CVE-2023/CVE-2023-255xx/CVE-2023-25585.json new file mode 100644 index 00000000000..1d5750aa498 --- /dev/null +++ b/CVE-2023/CVE-2023-255xx/CVE-2023-25585.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-25585", + "sourceIdentifier": "secalert@redhat.com", + "published": "2023-09-14T21:15:10.147", + "lastModified": "2023-09-14T21:15:10.147", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A flaw was found in Binutils. The use of an uninitialized field in the struct module *module may lead to application crash and local denial of service." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.0, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2023-25585", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167498", + "source": "secalert@redhat.com" + }, + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29892", + "source": "secalert@redhat.com" + }, + { + "url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=65cf035b8dc1df5d8020e0b1449514a3c42933e7", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-255xx/CVE-2023-25586.json b/CVE-2023/CVE-2023-255xx/CVE-2023-25586.json new file mode 100644 index 00000000000..3e5ff12e849 --- /dev/null +++ b/CVE-2023/CVE-2023-255xx/CVE-2023-25586.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-25586", + "sourceIdentifier": "secalert@redhat.com", + "published": "2023-09-14T21:15:10.240", + "lastModified": "2023-09-14T21:15:10.240", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A flaw was found in Binutils. A logic fail in the bfd_init_section_decompress_status function may lead to the use of an uninitialized variable that can cause a crash and local denial of service." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.0, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2023-25586", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167502", + "source": "secalert@redhat.com" + }, + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29855", + "source": "secalert@redhat.com" + }, + { + "url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5830876a0cca17bef3b2d54908928e72cca53502", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-255xx/CVE-2023-25588.json b/CVE-2023/CVE-2023-255xx/CVE-2023-25588.json new file mode 100644 index 00000000000..562ef0deffb --- /dev/null +++ b/CVE-2023/CVE-2023-255xx/CVE-2023-25588.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-25588", + "sourceIdentifier": "secalert@redhat.com", + "published": "2023-09-14T21:15:10.320", + "lastModified": "2023-09-14T21:15:10.320", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct is uninitialized in the `bfd_mach_o_get_synthetic_symtab` function, which may lead to an application crash and local denial of service." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.0, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2023-25588", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167505", + "source": "secalert@redhat.com" + }, + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29677", + "source": "secalert@redhat.com" + }, + { + "url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d12f8998d2d086f0a6606589e5aedb7147e6f2f1", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-294xx/CVE-2023-29499.json b/CVE-2023/CVE-2023-294xx/CVE-2023-29499.json new file mode 100644 index 00000000000..83546ed61b9 --- /dev/null +++ b/CVE-2023/CVE-2023-294xx/CVE-2023-29499.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-29499", + "sourceIdentifier": "secalert@redhat.com", + "published": "2023-09-14T20:15:09.420", + "lastModified": "2023-09-14T20:15:09.420", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2023-29499", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211828", + "source": "secalert@redhat.com" + }, + { + "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2794", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-326xx/CVE-2023-32611.json b/CVE-2023/CVE-2023-326xx/CVE-2023-32611.json new file mode 100644 index 00000000000..021fc4ddf17 --- /dev/null +++ b/CVE-2023/CVE-2023-326xx/CVE-2023-32611.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-32611", + "sourceIdentifier": "secalert@redhat.com", + "published": "2023-09-14T20:15:09.550", + "lastModified": "2023-09-14T20:15:09.550", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2023-32611", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211829", + "source": "secalert@redhat.com" + }, + { + "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2797", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-326xx/CVE-2023-32636.json b/CVE-2023/CVE-2023-326xx/CVE-2023-32636.json new file mode 100644 index 00000000000..02a8045be62 --- /dev/null +++ b/CVE-2023/CVE-2023-326xx/CVE-2023-32636.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-32636", + "sourceIdentifier": "secalert@redhat.com", + "published": "2023-09-14T20:15:09.653", + "lastModified": "2023-09-14T20:15:09.653", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.0, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ] + } + ], + "references": [ + { + "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2841", + "source": "secalert@redhat.com" + }, + { + "url": "https://https://discourse.gnome.org/t/multiple-fixes-for-gvariant-normalisation-issues-in-glib/12835", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-326xx/CVE-2023-32643.json b/CVE-2023/CVE-2023-326xx/CVE-2023-32643.json new file mode 100644 index 00000000000..70e5b6db2bf --- /dev/null +++ b/CVE-2023/CVE-2023-326xx/CVE-2023-32643.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-32643", + "sourceIdentifier": "secalert@redhat.com", + "published": "2023-09-14T20:15:09.770", + "lastModified": "2023-09-14T20:15:09.770", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but does affect GLib distributors who followed the guidance of GLib developers to backport the initial fix for CVE-2023-32665." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-122" + } + ] + } + ], + "references": [ + { + "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2840", + "source": "secalert@redhat.com" + }, + { + "url": "https://https://discourse.gnome.org/t/multiple-fixes-for-gvariant-normalisation-issues-in-glib/12835", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-326xx/CVE-2023-32665.json b/CVE-2023/CVE-2023-326xx/CVE-2023-32665.json new file mode 100644 index 00000000000..1c5a6d980ed --- /dev/null +++ b/CVE-2023/CVE-2023-326xx/CVE-2023-32665.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-32665", + "sourceIdentifier": "secalert@redhat.com", + "published": "2023-09-14T20:15:09.883", + "lastModified": "2023-09-14T20:15:09.883", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2023-32665", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211827", + "source": "secalert@redhat.com" + }, + { + "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2121", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33225.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33225.json index f7c4680dd8a..4fca413c017 100644 --- a/CVE-2023/CVE-2023-332xx/CVE-2023-33225.json +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33225.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33225", "sourceIdentifier": "psirt@solarwinds.com", "published": "2023-07-26T14:15:10.417", - "lastModified": "2023-08-03T13:55:07.090", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-14T20:15:09.977", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -13,7 +13,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "psirt@solarwinds.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -33,12 +33,12 @@ "impactScore": 5.9 }, { - "source": "psirt@solarwinds.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", - "attackVector": "ADJACENT_NETWORK", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", @@ -46,32 +46,32 @@ "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", - "baseScore": 6.8, - "baseSeverity": "MEDIUM" + "baseScore": 7.2, + "baseSeverity": "HIGH" }, - "exploitabilityScore": 0.9, + "exploitabilityScore": 1.2, "impactScore": 5.9 } ] }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "psirt@solarwinds.com", "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-697" + "value": "CWE-862" } ] }, { - "source": "psirt@solarwinds.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-862" + "value": "CWE-697" } ] } diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33229.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33229.json index 866f2752377..c23ab0e8375 100644 --- a/CVE-2023/CVE-2023-332xx/CVE-2023-33229.json +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33229.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33229", "sourceIdentifier": "psirt@solarwinds.com", "published": "2023-07-26T15:15:10.257", - "lastModified": "2023-08-03T13:27:41.730", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-14T20:15:10.107", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -13,7 +13,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "psirt@solarwinds.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -33,30 +33,30 @@ "impactScore": 1.4 }, { - "source": "psirt@solarwinds.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "NONE", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE", - "baseScore": 3.1, + "baseScore": 3.5, "baseSeverity": "LOW" }, - "exploitabilityScore": 1.6, + "exploitabilityScore": 2.1, "impactScore": 1.4 } ] }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "psirt@solarwinds.com", "type": "Primary", "description": [ { @@ -66,7 +66,7 @@ ] }, { - "source": "psirt@solarwinds.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35179.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35179.json index a84590030bc..8e1bb0ac97f 100644 --- a/CVE-2023/CVE-2023-351xx/CVE-2023-35179.json +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35179.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35179", "sourceIdentifier": "psirt@solarwinds.com", "published": "2023-08-11T00:15:09.283", - "lastModified": "2023-08-17T16:27:56.180", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-14T20:15:10.237", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -13,7 +13,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "psirt@solarwinds.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -33,23 +33,23 @@ "impactScore": 5.9 }, { - "source": "psirt@solarwinds.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", - "attackComplexity": "HIGH", + "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", - "baseScore": 6.6, - "baseSeverity": "MEDIUM" + "baseScore": 7.2, + "baseSeverity": "HIGH" }, - "exploitabilityScore": 0.7, + "exploitabilityScore": 1.2, "impactScore": 5.9 } ] diff --git a/CVE-2023/CVE-2023-367xx/CVE-2023-36773.json b/CVE-2023/CVE-2023-367xx/CVE-2023-36773.json index 24f9baf37ba..fdd3d2f3b73 100644 --- a/CVE-2023/CVE-2023-367xx/CVE-2023-36773.json +++ b/CVE-2023/CVE-2023-367xx/CVE-2023-36773.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36773", "sourceIdentifier": "secure@microsoft.com", "published": "2023-09-12T17:15:14.080", - "lastModified": "2023-09-12T19:38:09.050", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-14T20:18:56.670", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,44 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:3d_builder:*:*:*:*:*:*:*:*", + "versionEndExcluding": "20.0.4.0", + "matchCriteriaId": "6E1E06B9-1C1C-42DB-A2C8-56052207C971" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36773", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-367xx/CVE-2023-36777.json b/CVE-2023/CVE-2023-367xx/CVE-2023-36777.json index d557cf3ae28..9a2ac856585 100644 --- a/CVE-2023/CVE-2023-367xx/CVE-2023-36777.json +++ b/CVE-2023/CVE-2023-367xx/CVE-2023-36777.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36777", "sourceIdentifier": "secure@microsoft.com", "published": "2023-09-12T17:15:14.180", - "lastModified": "2023-09-12T19:38:09.050", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-14T20:19:15.323", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,213 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:-:*:*:*:*:*:*", + "matchCriteriaId": "8039FBA1-73D4-4FF2-B183-0DCC961CBFF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_1:*:*:*:*:*:*", + "matchCriteriaId": "56728785-188C-470A-9692-E6C7235109CA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_10:*:*:*:*:*:*", + "matchCriteriaId": "63E362CB-CF75-4B7E-A4B1-D6D84AFCBB68" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_11:*:*:*:*:*:*", + "matchCriteriaId": "9BE04790-85A2-4078-88CE-1787BC5172E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_12:*:*:*:*:*:*", + "matchCriteriaId": "CCF101BE-27FD-4E2D-A694-C606BD3D1ED7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_13:*:*:*:*:*:*", + "matchCriteriaId": "4DF5BDB5-205D-4B64-A49A-0152AFCF4A13" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_14:*:*:*:*:*:*", + "matchCriteriaId": "55284CF7-0D04-4216-83FE-4B1F9CA94207" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_15:*:*:*:*:*:*", + "matchCriteriaId": "CA2CE223-AA49-49E6-AC32-59270EFF55AD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_16:*:*:*:*:*:*", + "matchCriteriaId": "4830D6A9-AF74-480C-8F69-8648CD619980" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_17:*:*:*:*:*:*", + "matchCriteriaId": "079E1E3F-FF25-4B0D-AC98-191D6455A014" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_18:*:*:*:*:*:*", + "matchCriteriaId": "29805EC7-6403-44B9-91EC-109C087E98EB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_19:*:*:*:*:*:*", + "matchCriteriaId": "28FCA0E8-7D27-4746-9731-91B834CA3E64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_2:*:*:*:*:*:*", + "matchCriteriaId": "996163E7-6F3F-4D3B-AEA4-62A7F7E1F54D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*", + "matchCriteriaId": "19C1EE0C-B8DD-4B91-BE4B-1C42D72FB718" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*", + "matchCriteriaId": "3BE427A4-B0C2-4064-8234-29426325C348" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*", + "matchCriteriaId": "449CE85B-E599-44D3-A7C1-5133F6A55E86" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_3:*:*:*:*:*:*", + "matchCriteriaId": "FE401B0A-DDE4-4A36-8E27-6DB14E094BE2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_4:*:*:*:*:*:*", + "matchCriteriaId": "450319C4-7C8F-43B7-B7F8-80DA4F1F2817" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_5:*:*:*:*:*:*", + "matchCriteriaId": "23015889-48AF-40A5-862F-290E73A54E77" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_6:*:*:*:*:*:*", + "matchCriteriaId": "4FC34516-D7E7-4AD9-9B45-5474831548E0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_7:*:*:*:*:*:*", + "matchCriteriaId": "5211792E-5292-41C0-B7E9-8AA63EC606EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_8:*:*:*:*:*:*", + "matchCriteriaId": "075E907F-AF2F-4C31-86C7-51972BE412A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_9:*:*:*:*:*:*", + "matchCriteriaId": "69AF19DC-3D65-49A8-A85F-511085CDF27B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:-:*:*:*:*:*:*", + "matchCriteriaId": "40D8A6DB-9225-4A3F-AD76-192F6CCCF002" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_1:*:*:*:*:*:*", + "matchCriteriaId": "051DE6C4-7456-4C42-BC51-253208AADB4E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*", + "matchCriteriaId": "B4185347-EEDD-4239-9AB3-410E2EC89D2A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*", + "matchCriteriaId": "435343A4-BF10-461A-ABF2-D511A5FBDA75" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_2:*:*:*:*:*:*", + "matchCriteriaId": "EE320413-D2C9-4B28-89BF-361B44A3F0FF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_3:*:*:*:*:*:*", + "matchCriteriaId": "104F96DC-E280-4E0A-8586-B043B55888C2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_4:*:*:*:*:*:*", + "matchCriteriaId": "73B3B3FE-7E85-4B86-A983-2C410FFEF4B8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_5:*:*:*:*:*:*", + "matchCriteriaId": "8A9FB275-7F17-48B2-B528-BE89309D2AF5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_6:*:*:*:*:*:*", + "matchCriteriaId": "D4AB3C25-CEA8-4D66-AEE4-953C8B17911A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_7:*:*:*:*:*:*", + "matchCriteriaId": "36CE5C6D-9A04-41F5-AE7C-265779833649" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_8:*:*:*:*:*:*", + "matchCriteriaId": "44ECF39A-1DE1-4870-A494-06A53494338D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*", + "matchCriteriaId": "71CDF29B-116B-4DE2-AFD0-B62477FF0AEB" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36777", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-367xx/CVE-2023-36788.json b/CVE-2023/CVE-2023-367xx/CVE-2023-36788.json index 09af1737465..39e2e7c5fed 100644 --- a/CVE-2023/CVE-2023-367xx/CVE-2023-36788.json +++ b/CVE-2023/CVE-2023-367xx/CVE-2023-36788.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36788", "sourceIdentifier": "secure@microsoft.com", "published": "2023-09-12T17:15:14.437", - "lastModified": "2023-09-12T19:38:09.050", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-14T20:19:29.113", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,270 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*", + "matchCriteriaId": "8EDC4407-7E92-4E60-82F0-0C87D1860D3A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*", + "matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*", + "matchCriteriaId": "42A6DF09-B8E1-414D-97E7-453566055279" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*", + "matchCriteriaId": "D400E856-2B2E-4CEA-8CA5-309FDF371CEA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*", + "matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.8.1:*:*:*:*:*:*:*", + "matchCriteriaId": "934D4E46-12C1-41DC-A28C-A2C430E965E4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2F513002-D8C1-4D3A-9F79-4B52498F67E9" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4D8DC08D-A860-493A-8AA6-1AD4A0A511AD" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB4AE761-6FAC-4000-A63D-42CE3FAB8412" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D4793BFB-2E4E-4067-87A5-4B8749025CA3" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*", + "matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*", + "matchCriteriaId": "2D3F18AF-84ED-473B-A8DF-65EB23C475AF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2E332666-2E03-468E-BC30-299816D6E8ED" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2F513002-D8C1-4D3A-9F79-4B52498F67E9" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4D8DC08D-A860-493A-8AA6-1AD4A0A511AD" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB4AE761-6FAC-4000-A63D-42CE3FAB8412" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*", + "matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*", + "matchCriteriaId": "3EF7A75E-EE27-4AA7-8D84-9D696728A4CE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2E332666-2E03-468E-BC30-299816D6E8ED" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36788", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-367xx/CVE-2023-36792.json b/CVE-2023/CVE-2023-367xx/CVE-2023-36792.json index e987dc7a8bd..ef16ae8a363 100644 --- a/CVE-2023/CVE-2023-367xx/CVE-2023-36792.json +++ b/CVE-2023/CVE-2023-367xx/CVE-2023-36792.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36792", "sourceIdentifier": "secure@microsoft.com", "published": "2023-09-12T17:15:14.510", - "lastModified": "2023-09-12T19:38:09.050", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-14T20:21:09.883", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,429 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*", + "matchCriteriaId": "8EDC4407-7E92-4E60-82F0-0C87D1860D3A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*", + "matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*", + "matchCriteriaId": "42A6DF09-B8E1-414D-97E7-453566055279" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*", + "matchCriteriaId": "D400E856-2B2E-4CEA-8CA5-309FDF371CEA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*", + "matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*", + "matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*", + "matchCriteriaId": "2D3F18AF-84ED-473B-A8DF-65EB23C475AF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2E332666-2E03-468E-BC30-299816D6E8ED" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2F513002-D8C1-4D3A-9F79-4B52498F67E9" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4D8DC08D-A860-493A-8AA6-1AD4A0A511AD" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB4AE761-6FAC-4000-A63D-42CE3FAB8412" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*", + "matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.8.1:*:*:*:*:*:*:*", + "matchCriteriaId": "934D4E46-12C1-41DC-A28C-A2C430E965E4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2F513002-D8C1-4D3A-9F79-4B52498F67E9" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4D8DC08D-A860-493A-8AA6-1AD4A0A511AD" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB4AE761-6FAC-4000-A63D-42CE3FAB8412" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D4793BFB-2E4E-4067-87A5-4B8749025CA3" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*", + "matchCriteriaId": "2D3F18AF-84ED-473B-A8DF-65EB23C475AF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*", + "matchCriteriaId": "61019899-D7AF-46E4-A72C-D189180F66AB" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*", + "matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*", + "matchCriteriaId": "3EF7A75E-EE27-4AA7-8D84-9D696728A4CE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2E332666-2E03-468E-BC30-299816D6E8ED" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*", + "matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*", + "matchCriteriaId": "734112B3-1383-4BE3-8721-C0F84566B764" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*", + "matchCriteriaId": "36B0E40A-84EF-4099-A395-75D6B8CDA196" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*", + "matchCriteriaId": "3EF7A75E-EE27-4AA7-8D84-9D696728A4CE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net:6.0.0:-:*:*:*:*:*:*", + "matchCriteriaId": "1DE0C8DD-9C73-4876-8193-068F18074B58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F4E2C6C0-FD91-40D9-B1A4-C1C348A156C7" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", + "versionStartIncluding": "15.0", + "versionEndExcluding": "15.9.57", + "matchCriteriaId": "482C808D-C0EB-479D-B8A2-D7B04DB4854F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", + "versionStartIncluding": "16.0", + "versionEndExcluding": "16.11.30", + "matchCriteriaId": "40434953-906B-453E-9F4C-46BF0F693E06" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.2", + "versionEndExcluding": "17.2.19", + "matchCriteriaId": "E7698BEE-8540-4F0C-A500-1393055B88F4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.4", + "versionEndExcluding": "17.4.11", + "matchCriteriaId": "8174DBE5-A4BB-4FA6-B921-B2E82B08DAC9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.7", + "versionEndExcluding": "17.7.4", + "matchCriteriaId": "E8241557-9AD7-42D9-AF07-4C7C1A19AB53" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36792", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-367xx/CVE-2023-36793.json b/CVE-2023/CVE-2023-367xx/CVE-2023-36793.json index 5b652c2a249..193a1a38bf6 100644 --- a/CVE-2023/CVE-2023-367xx/CVE-2023-36793.json +++ b/CVE-2023/CVE-2023-367xx/CVE-2023-36793.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36793", "sourceIdentifier": "secure@microsoft.com", "published": "2023-09-12T17:15:14.627", - "lastModified": "2023-09-12T19:38:09.050", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-14T20:21:16.583", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,434 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*", + "matchCriteriaId": "8EDC4407-7E92-4E60-82F0-0C87D1860D3A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*", + "matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*", + "matchCriteriaId": "42A6DF09-B8E1-414D-97E7-453566055279" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*", + "matchCriteriaId": "D400E856-2B2E-4CEA-8CA5-309FDF371CEA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*", + "matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*", + "matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*", + "matchCriteriaId": "2D3F18AF-84ED-473B-A8DF-65EB23C475AF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2E332666-2E03-468E-BC30-299816D6E8ED" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2F513002-D8C1-4D3A-9F79-4B52498F67E9" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4D8DC08D-A860-493A-8AA6-1AD4A0A511AD" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB4AE761-6FAC-4000-A63D-42CE3FAB8412" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*", + "matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.8.1:*:*:*:*:*:*:*", + "matchCriteriaId": "934D4E46-12C1-41DC-A28C-A2C430E965E4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2F513002-D8C1-4D3A-9F79-4B52498F67E9" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4D8DC08D-A860-493A-8AA6-1AD4A0A511AD" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB4AE761-6FAC-4000-A63D-42CE3FAB8412" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D4793BFB-2E4E-4067-87A5-4B8749025CA3" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*", + "matchCriteriaId": "2D3F18AF-84ED-473B-A8DF-65EB23C475AF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*", + "matchCriteriaId": "61019899-D7AF-46E4-A72C-D189180F66AB" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*", + "matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*", + "matchCriteriaId": "3EF7A75E-EE27-4AA7-8D84-9D696728A4CE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2E332666-2E03-468E-BC30-299816D6E8ED" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*", + "matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*", + "matchCriteriaId": "734112B3-1383-4BE3-8721-C0F84566B764" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*", + "matchCriteriaId": "36B0E40A-84EF-4099-A395-75D6B8CDA196" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*", + "matchCriteriaId": "3EF7A75E-EE27-4AA7-8D84-9D696728A4CE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net:6.0.0:-:*:*:*:*:*:*", + "matchCriteriaId": "1DE0C8DD-9C73-4876-8193-068F18074B58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F4E2C6C0-FD91-40D9-B1A4-C1C348A156C7" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", + "versionStartIncluding": "15.0", + "versionEndExcluding": "15.9.57", + "matchCriteriaId": "482C808D-C0EB-479D-B8A2-D7B04DB4854F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", + "versionStartIncluding": "16.0", + "versionEndExcluding": "16.11.30", + "matchCriteriaId": "40434953-906B-453E-9F4C-46BF0F693E06" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.2", + "versionEndExcluding": "17.2.19", + "matchCriteriaId": "E7698BEE-8540-4F0C-A500-1393055B88F4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.4", + "versionEndExcluding": "17.4.11", + "matchCriteriaId": "8174DBE5-A4BB-4FA6-B921-B2E82B08DAC9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.7", + "versionEndExcluding": "17.7.4", + "matchCriteriaId": "E8241557-9AD7-42D9-AF07-4C7C1A19AB53" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36793", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-367xx/CVE-2023-36794.json b/CVE-2023/CVE-2023-367xx/CVE-2023-36794.json index adea9cf4ca4..2a985223cde 100644 --- a/CVE-2023/CVE-2023-367xx/CVE-2023-36794.json +++ b/CVE-2023/CVE-2023-367xx/CVE-2023-36794.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36794", "sourceIdentifier": "secure@microsoft.com", "published": "2023-09-12T17:15:14.947", - "lastModified": "2023-09-12T19:38:09.050", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-14T20:21:25.387", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,434 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*", + "matchCriteriaId": "8EDC4407-7E92-4E60-82F0-0C87D1860D3A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*", + "matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*", + "matchCriteriaId": "42A6DF09-B8E1-414D-97E7-453566055279" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*", + "matchCriteriaId": "D400E856-2B2E-4CEA-8CA5-309FDF371CEA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*", + "matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*", + "matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*", + "matchCriteriaId": "2D3F18AF-84ED-473B-A8DF-65EB23C475AF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2E332666-2E03-468E-BC30-299816D6E8ED" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2F513002-D8C1-4D3A-9F79-4B52498F67E9" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4D8DC08D-A860-493A-8AA6-1AD4A0A511AD" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB4AE761-6FAC-4000-A63D-42CE3FAB8412" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*", + "matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.8.1:*:*:*:*:*:*:*", + "matchCriteriaId": "934D4E46-12C1-41DC-A28C-A2C430E965E4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2F513002-D8C1-4D3A-9F79-4B52498F67E9" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4D8DC08D-A860-493A-8AA6-1AD4A0A511AD" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB4AE761-6FAC-4000-A63D-42CE3FAB8412" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D4793BFB-2E4E-4067-87A5-4B8749025CA3" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*", + "matchCriteriaId": "2D3F18AF-84ED-473B-A8DF-65EB23C475AF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*", + "matchCriteriaId": "61019899-D7AF-46E4-A72C-D189180F66AB" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*", + "matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*", + "matchCriteriaId": "3EF7A75E-EE27-4AA7-8D84-9D696728A4CE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2E332666-2E03-468E-BC30-299816D6E8ED" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*", + "matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*", + "matchCriteriaId": "734112B3-1383-4BE3-8721-C0F84566B764" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*", + "matchCriteriaId": "36B0E40A-84EF-4099-A395-75D6B8CDA196" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*", + "matchCriteriaId": "3EF7A75E-EE27-4AA7-8D84-9D696728A4CE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net:6.0.0:-:*:*:*:*:*:*", + "matchCriteriaId": "1DE0C8DD-9C73-4876-8193-068F18074B58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F4E2C6C0-FD91-40D9-B1A4-C1C348A156C7" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", + "versionStartIncluding": "15.0", + "versionEndExcluding": "15.9.57", + "matchCriteriaId": "482C808D-C0EB-479D-B8A2-D7B04DB4854F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", + "versionStartIncluding": "16.0", + "versionEndExcluding": "16.11.30", + "matchCriteriaId": "40434953-906B-453E-9F4C-46BF0F693E06" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.2", + "versionEndExcluding": "17.2.19", + "matchCriteriaId": "E7698BEE-8540-4F0C-A500-1393055B88F4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.4", + "versionEndExcluding": "17.4.11", + "matchCriteriaId": "8174DBE5-A4BB-4FA6-B921-B2E82B08DAC9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.7", + "versionEndExcluding": "17.7.4", + "matchCriteriaId": "E8241557-9AD7-42D9-AF07-4C7C1A19AB53" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36794", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-367xx/CVE-2023-36796.json b/CVE-2023/CVE-2023-367xx/CVE-2023-36796.json index 4b9df0edbb1..7752d8edbb5 100644 --- a/CVE-2023/CVE-2023-367xx/CVE-2023-36796.json +++ b/CVE-2023/CVE-2023-367xx/CVE-2023-36796.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36796", "sourceIdentifier": "secure@microsoft.com", "published": "2023-09-12T17:15:15.173", - "lastModified": "2023-09-12T19:38:09.050", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-14T20:21:35.087", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,434 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*", + "matchCriteriaId": "8EDC4407-7E92-4E60-82F0-0C87D1860D3A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*", + "matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*", + "matchCriteriaId": "42A6DF09-B8E1-414D-97E7-453566055279" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*", + "matchCriteriaId": "D400E856-2B2E-4CEA-8CA5-309FDF371CEA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*", + "matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*", + "matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*", + "matchCriteriaId": "2D3F18AF-84ED-473B-A8DF-65EB23C475AF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2E332666-2E03-468E-BC30-299816D6E8ED" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2F513002-D8C1-4D3A-9F79-4B52498F67E9" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4D8DC08D-A860-493A-8AA6-1AD4A0A511AD" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB4AE761-6FAC-4000-A63D-42CE3FAB8412" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*", + "matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.8.1:*:*:*:*:*:*:*", + "matchCriteriaId": "934D4E46-12C1-41DC-A28C-A2C430E965E4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2F513002-D8C1-4D3A-9F79-4B52498F67E9" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4D8DC08D-A860-493A-8AA6-1AD4A0A511AD" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB4AE761-6FAC-4000-A63D-42CE3FAB8412" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D4793BFB-2E4E-4067-87A5-4B8749025CA3" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*", + "matchCriteriaId": "2D3F18AF-84ED-473B-A8DF-65EB23C475AF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*", + "matchCriteriaId": "61019899-D7AF-46E4-A72C-D189180F66AB" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*", + "matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*", + "matchCriteriaId": "3EF7A75E-EE27-4AA7-8D84-9D696728A4CE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2E332666-2E03-468E-BC30-299816D6E8ED" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*", + "matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*", + "matchCriteriaId": "734112B3-1383-4BE3-8721-C0F84566B764" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*", + "matchCriteriaId": "36B0E40A-84EF-4099-A395-75D6B8CDA196" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*", + "matchCriteriaId": "3EF7A75E-EE27-4AA7-8D84-9D696728A4CE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net:6.0.0:-:*:*:*:*:*:*", + "matchCriteriaId": "1DE0C8DD-9C73-4876-8193-068F18074B58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F4E2C6C0-FD91-40D9-B1A4-C1C348A156C7" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", + "versionStartIncluding": "15.0", + "versionEndExcluding": "15.9.57", + "matchCriteriaId": "482C808D-C0EB-479D-B8A2-D7B04DB4854F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", + "versionStartIncluding": "16.0", + "versionEndExcluding": "16.11.30", + "matchCriteriaId": "40434953-906B-453E-9F4C-46BF0F693E06" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.2", + "versionEndExcluding": "17.2.19", + "matchCriteriaId": "E7698BEE-8540-4F0C-A500-1393055B88F4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.4", + "versionEndExcluding": "17.4.11", + "matchCriteriaId": "8174DBE5-A4BB-4FA6-B921-B2E82B08DAC9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.7", + "versionEndExcluding": "17.7.4", + "matchCriteriaId": "E8241557-9AD7-42D9-AF07-4C7C1A19AB53" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36796", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-367xx/CVE-2023-36799.json b/CVE-2023/CVE-2023-367xx/CVE-2023-36799.json index 8ec7b2b1870..137d92ab9db 100644 --- a/CVE-2023/CVE-2023-367xx/CVE-2023-36799.json +++ b/CVE-2023/CVE-2023-367xx/CVE-2023-36799.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36799", "sourceIdentifier": "secure@microsoft.com", "published": "2023-09-12T17:15:15.253", - "lastModified": "2023-09-12T19:38:09.050", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-14T20:21:52.743", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,76 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net:6.0.0:-:*:*:*:*:*:*", + "matchCriteriaId": "1DE0C8DD-9C73-4876-8193-068F18074B58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F4E2C6C0-FD91-40D9-B1A4-C1C348A156C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.2", + "versionEndExcluding": "17.2.19", + "matchCriteriaId": "E7698BEE-8540-4F0C-A500-1393055B88F4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.4", + "versionEndExcluding": "17.4.11", + "matchCriteriaId": "8174DBE5-A4BB-4FA6-B921-B2E82B08DAC9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.6", + "versionEndExcluding": "17.6.7", + "matchCriteriaId": "16BAD93C-DFE9-4F94-99DC-230195CCD62A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.7", + "versionEndExcluding": "17.7.4", + "matchCriteriaId": "E8241557-9AD7-42D9-AF07-4C7C1A19AB53" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36799", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36800.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36800.json index 1ddf6317149..cbe596552eb 100644 --- a/CVE-2023/CVE-2023-368xx/CVE-2023-36800.json +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36800.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36800", "sourceIdentifier": "secure@microsoft.com", "published": "2023-09-12T17:15:15.330", - "lastModified": "2023-09-12T19:38:09.050", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-14T20:22:15.590", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,8 +13,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, + { + "source": "secure@microsoft.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N", @@ -34,10 +54,44 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:dynamics_365:*:*:*:*:*:finance_and_operations:*:*", + "versionEndExcluding": "10.0.1695", + "matchCriteriaId": "EEC95E09-BB4C-4FAD-9E7D-F2079FE7BA35" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36800", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36801.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36801.json index 78c08948e61..7afe8ddca7d 100644 --- a/CVE-2023/CVE-2023-368xx/CVE-2023-36801.json +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36801.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36801", "sourceIdentifier": "secure@microsoft.com", "published": "2023-09-12T17:15:15.407", - "lastModified": "2023-09-12T19:38:09.050", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-14T20:22:28.163", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,73 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36801", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36802.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36802.json index f44722ff48e..48c876b372b 100644 --- a/CVE-2023/CVE-2023-368xx/CVE-2023-36802.json +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36802.json @@ -2,8 +2,12 @@ "id": "CVE-2023-36802", "sourceIdentifier": "secure@microsoft.com", "published": "2023-09-12T17:15:15.487", - "lastModified": "2023-09-12T19:38:09.050", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-14T20:09:50.733", + "vulnStatus": "Analyzed", + "cisaExploitAdd": "2023-09-12", + "cisaActionDue": "2023-10-03", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Microsoft Streaming Service Proxy Privilege Escalation Vulnerability", "descriptions": [ { "lang": "en", @@ -34,10 +38,78 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4851", + "matchCriteriaId": "405C3661-5BC3-4EFC-9FF0-4C05D6F42A04" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19044.3448", + "matchCriteriaId": "139662E6-EF56-4398-AEE8-406B8D4F1BC4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3448", + "matchCriteriaId": "36C0F053-7225-4428-A7D5-7FE2E5036E79" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2416", + "matchCriteriaId": "42BAE974-E011-42BC-BE68-E394DFF2F92D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.2275", + "matchCriteriaId": "E1128C36-7004-461A-AF79-A530709E8B45" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36802", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36803.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36803.json index c93c16d3877..dfc479409e6 100644 --- a/CVE-2023/CVE-2023-368xx/CVE-2023-36803.json +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36803.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36803", "sourceIdentifier": "secure@microsoft.com", "published": "2023-09-12T17:15:15.717", - "lastModified": "2023-09-12T19:38:09.050", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-14T20:13:48.670", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,89 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6252", + "matchCriteriaId": "AE629A99-48EA-4736-A2AF-BE8AE3C84CB5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4851", + "matchCriteriaId": "405C3661-5BC3-4EFC-9FF0-4C05D6F42A04" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19044.3448", + "matchCriteriaId": "139662E6-EF56-4398-AEE8-406B8D4F1BC4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3448", + "matchCriteriaId": "36C0F053-7225-4428-A7D5-7FE2E5036E79" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2416", + "matchCriteriaId": "42BAE974-E011-42BC-BE68-E394DFF2F92D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.2275", + "matchCriteriaId": "E1128C36-7004-461A-AF79-A530709E8B45" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36803", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36804.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36804.json index cd7dd6d5acc..a07b76ec6d5 100644 --- a/CVE-2023/CVE-2023-368xx/CVE-2023-36804.json +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36804.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36804", "sourceIdentifier": "secure@microsoft.com", "published": "2023-09-12T17:15:16.043", - "lastModified": "2023-09-12T19:38:09.050", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-14T20:14:09.980", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,115 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20162", + "matchCriteriaId": "D70917B5-47DB-4E61-A0CB-E336BD322A63" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6252", + "matchCriteriaId": "AE629A99-48EA-4736-A2AF-BE8AE3C84CB5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4851", + "matchCriteriaId": "405C3661-5BC3-4EFC-9FF0-4C05D6F42A04" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19044.3448", + "matchCriteriaId": "139662E6-EF56-4398-AEE8-406B8D4F1BC4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3448", + "matchCriteriaId": "36C0F053-7225-4428-A7D5-7FE2E5036E79" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2416", + "matchCriteriaId": "42BAE974-E011-42BC-BE68-E394DFF2F92D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.2275", + "matchCriteriaId": "E1128C36-7004-461A-AF79-A530709E8B45" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36804", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3622.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3622.json index db248270efa..dfbbb628072 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3622.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3622.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3622", "sourceIdentifier": "psirt@solarwinds.com", "published": "2023-07-26T15:15:10.803", - "lastModified": "2023-08-03T15:32:21.260", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-14T20:15:10.560", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -13,7 +13,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "psirt@solarwinds.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -33,45 +33,45 @@ "impactScore": 1.4 }, { - "source": "psirt@solarwinds.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", - "attackVector": "ADJACENT_NETWORK", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 4.6, + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, "baseSeverity": "MEDIUM" }, - "exploitabilityScore": 2.1, - "impactScore": 2.5 + "exploitabilityScore": 2.8, + "impactScore": 1.4 } ] }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "psirt@solarwinds.com", "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-287" + "value": "CWE-284" } ] }, { - "source": "psirt@solarwinds.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-284" + "value": "CWE-287" } ] } diff --git a/CVE-2023/CVE-2023-377xx/CVE-2023-37739.json b/CVE-2023/CVE-2023-377xx/CVE-2023-37739.json new file mode 100644 index 00000000000..2d520a552db --- /dev/null +++ b/CVE-2023/CVE-2023-377xx/CVE-2023-37739.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-37739", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-09-14T20:15:10.400", + "lastModified": "2023-09-14T20:15:10.400", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "i-doit Pro v25 and below was discovered to be vulnerable to path traversal." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/leekenghwa/CVE-2023-37739---Path-Traversal-in-i-doit-Pro-25-and-below/blob/main/README.md", + "source": "cve@mitre.org" + }, + { + "url": "https://medium.com/@ray.999/i-doit-pro-v25-path-traversal-cve-2023-37739-4ebb695664bb", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-377xx/CVE-2023-37755.json b/CVE-2023/CVE-2023-377xx/CVE-2023-37755.json new file mode 100644 index 00000000000..c981b19d0bc --- /dev/null +++ b/CVE-2023/CVE-2023-377xx/CVE-2023-37755.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-37755", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-09-14T20:15:10.477", + "lastModified": "2023-09-14T21:15:10.423", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "i-doit pro 25 and below and I-doit open 25 and below are configured with insecure default administrator credentials, and there is no warning or prompt to ask users to change the default password and account name. Unauthenticated attackers can exploit this vulnerability to obtain Administrator privileges, resulting in them being able to perform arbitrary system operations or cause a Denial of Service (DoS)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/leekenghwa/CVE-2023-37755---Hardcoded-Admin-Credential-in-i-doit-Pro-25-and-below/blob/main/README.md", + "source": "cve@mitre.org" + }, + { + "url": "https://medium.com/@ray.999/d7a54030e055", + "source": "cve@mitre.org" + }, + { + "url": "https://medium.com/@ray.999/i-doit-v25-and-below-incorrect-access-control-issue-cve-2023-37755-d7a54030e055", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-377xx/CVE-2023-37756.json b/CVE-2023/CVE-2023-377xx/CVE-2023-37756.json new file mode 100644 index 00000000000..9525da45c8d --- /dev/null +++ b/CVE-2023/CVE-2023-377xx/CVE-2023-37756.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-37756", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-09-14T21:15:10.497", + "lastModified": "2023-09-14T21:15:10.497", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "I-doit pro 25 and below and I-doit open 25 and below employ weak password requirements for Administrator account creation. Attackers are able to easily guess users' passwords via a bruteforce attack." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/leekenghwa/CVE-2023-37756-CWE-521-lead-to-malicious-plugin-upload-in-the-i-doit-Pro-25-and-below/blob/main/README.md", + "source": "cve@mitre.org" + }, + { + "url": "https://medium.com/@ray.999/idoit-pro-v25-and-below-weak-password-add-on-upload-to-rce-cve-2023-37756-fa1b18433ca3", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-381xx/CVE-2023-38139.json b/CVE-2023/CVE-2023-381xx/CVE-2023-38139.json index 6fb9ddc8c50..987e8d09411 100644 --- a/CVE-2023/CVE-2023-381xx/CVE-2023-38139.json +++ b/CVE-2023/CVE-2023-381xx/CVE-2023-38139.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38139", "sourceIdentifier": "secure@microsoft.com", "published": "2023-09-12T17:15:16.470", - "lastModified": "2023-09-12T19:38:09.050", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-14T20:14:21.843", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,125 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20162", + "matchCriteriaId": "D70917B5-47DB-4E61-A0CB-E336BD322A63" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6252", + "matchCriteriaId": "AE629A99-48EA-4736-A2AF-BE8AE3C84CB5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4851", + "matchCriteriaId": "405C3661-5BC3-4EFC-9FF0-4C05D6F42A04" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3448", + "matchCriteriaId": "098480E4-3DF9-4AE1-AD98-5A24C7D135FC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3448", + "matchCriteriaId": "36C0F053-7225-4428-A7D5-7FE2E5036E79" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2416", + "matchCriteriaId": "42BAE974-E011-42BC-BE68-E394DFF2F92D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.2275", + "matchCriteriaId": "E1128C36-7004-461A-AF79-A530709E8B45" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", + "matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", + "matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x86:*", + "matchCriteriaId": "EDCDBC70-9AB7-47F3-BD61-28860EEE5065" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38139", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-381xx/CVE-2023-38140.json b/CVE-2023/CVE-2023-381xx/CVE-2023-38140.json index f5ee9aa64e5..e43bd8a4c2b 100644 --- a/CVE-2023/CVE-2023-381xx/CVE-2023-38140.json +++ b/CVE-2023/CVE-2023-381xx/CVE-2023-38140.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38140", "sourceIdentifier": "secure@microsoft.com", "published": "2023-09-12T17:15:16.547", - "lastModified": "2023-09-12T19:38:09.050", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-14T20:14:42.167", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,83 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6252", + "matchCriteriaId": "AE629A99-48EA-4736-A2AF-BE8AE3C84CB5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4851", + "matchCriteriaId": "405C3661-5BC3-4EFC-9FF0-4C05D6F42A04" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3448", + "matchCriteriaId": "098480E4-3DF9-4AE1-AD98-5A24C7D135FC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3448", + "matchCriteriaId": "36C0F053-7225-4428-A7D5-7FE2E5036E79" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2416", + "matchCriteriaId": "42BAE974-E011-42BC-BE68-E394DFF2F92D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38140", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-381xx/CVE-2023-38141.json b/CVE-2023/CVE-2023-381xx/CVE-2023-38141.json index 2d04f55fe7f..031050f0516 100644 --- a/CVE-2023/CVE-2023-381xx/CVE-2023-38141.json +++ b/CVE-2023/CVE-2023-381xx/CVE-2023-38141.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38141", "sourceIdentifier": "secure@microsoft.com", "published": "2023-09-12T17:15:16.723", - "lastModified": "2023-09-12T19:38:09.050", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-14T20:14:59.463", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,125 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20162", + "matchCriteriaId": "D70917B5-47DB-4E61-A0CB-E336BD322A63" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6252", + "matchCriteriaId": "AE629A99-48EA-4736-A2AF-BE8AE3C84CB5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4851", + "matchCriteriaId": "405C3661-5BC3-4EFC-9FF0-4C05D6F42A04" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3448", + "matchCriteriaId": "098480E4-3DF9-4AE1-AD98-5A24C7D135FC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3448", + "matchCriteriaId": "36C0F053-7225-4428-A7D5-7FE2E5036E79" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2416", + "matchCriteriaId": "42BAE974-E011-42BC-BE68-E394DFF2F92D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.2275", + "matchCriteriaId": "E1128C36-7004-461A-AF79-A530709E8B45" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", + "matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", + "matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x86:*", + "matchCriteriaId": "EDCDBC70-9AB7-47F3-BD61-28860EEE5065" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38141", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-381xx/CVE-2023-38142.json b/CVE-2023/CVE-2023-381xx/CVE-2023-38142.json index b4b6192209a..41a402bbb25 100644 --- a/CVE-2023/CVE-2023-381xx/CVE-2023-38142.json +++ b/CVE-2023/CVE-2023-381xx/CVE-2023-38142.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38142", "sourceIdentifier": "secure@microsoft.com", "published": "2023-09-12T17:15:17.057", - "lastModified": "2023-09-12T19:38:09.050", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-14T20:15:11.673", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,125 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20162", + "matchCriteriaId": "D70917B5-47DB-4E61-A0CB-E336BD322A63" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6252", + "matchCriteriaId": "AE629A99-48EA-4736-A2AF-BE8AE3C84CB5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4851", + "matchCriteriaId": "405C3661-5BC3-4EFC-9FF0-4C05D6F42A04" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3448", + "matchCriteriaId": "098480E4-3DF9-4AE1-AD98-5A24C7D135FC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3448", + "matchCriteriaId": "36C0F053-7225-4428-A7D5-7FE2E5036E79" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2416", + "matchCriteriaId": "42BAE974-E011-42BC-BE68-E394DFF2F92D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.2275", + "matchCriteriaId": "E1128C36-7004-461A-AF79-A530709E8B45" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", + "matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", + "matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x86:*", + "matchCriteriaId": "EDCDBC70-9AB7-47F3-BD61-28860EEE5065" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38142", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-381xx/CVE-2023-38143.json b/CVE-2023/CVE-2023-381xx/CVE-2023-38143.json index d2b2f56a94f..16f008d44d8 100644 --- a/CVE-2023/CVE-2023-381xx/CVE-2023-38143.json +++ b/CVE-2023/CVE-2023-381xx/CVE-2023-38143.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38143", "sourceIdentifier": "secure@microsoft.com", "published": "2023-09-12T17:15:17.367", - "lastModified": "2023-09-12T19:38:09.050", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-14T20:15:26.570", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,125 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20162", + "matchCriteriaId": "D70917B5-47DB-4E61-A0CB-E336BD322A63" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6252", + "matchCriteriaId": "AE629A99-48EA-4736-A2AF-BE8AE3C84CB5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4851", + "matchCriteriaId": "405C3661-5BC3-4EFC-9FF0-4C05D6F42A04" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3448", + "matchCriteriaId": "098480E4-3DF9-4AE1-AD98-5A24C7D135FC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3448", + "matchCriteriaId": "36C0F053-7225-4428-A7D5-7FE2E5036E79" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2416", + "matchCriteriaId": "42BAE974-E011-42BC-BE68-E394DFF2F92D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.2275", + "matchCriteriaId": "E1128C36-7004-461A-AF79-A530709E8B45" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", + "matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", + "matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x86:*", + "matchCriteriaId": "EDCDBC70-9AB7-47F3-BD61-28860EEE5065" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38143", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-381xx/CVE-2023-38144.json b/CVE-2023/CVE-2023-381xx/CVE-2023-38144.json index cd1bf77a062..222b240ba75 100644 --- a/CVE-2023/CVE-2023-381xx/CVE-2023-38144.json +++ b/CVE-2023/CVE-2023-381xx/CVE-2023-38144.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38144", "sourceIdentifier": "secure@microsoft.com", "published": "2023-09-12T17:15:17.647", - "lastModified": "2023-09-12T19:38:09.050", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-14T20:15:41.220", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,125 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20162", + "matchCriteriaId": "D70917B5-47DB-4E61-A0CB-E336BD322A63" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6252", + "matchCriteriaId": "AE629A99-48EA-4736-A2AF-BE8AE3C84CB5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4851", + "matchCriteriaId": "405C3661-5BC3-4EFC-9FF0-4C05D6F42A04" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3448", + "matchCriteriaId": "098480E4-3DF9-4AE1-AD98-5A24C7D135FC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3448", + "matchCriteriaId": "36C0F053-7225-4428-A7D5-7FE2E5036E79" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2416", + "matchCriteriaId": "42BAE974-E011-42BC-BE68-E394DFF2F92D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.2275", + "matchCriteriaId": "E1128C36-7004-461A-AF79-A530709E8B45" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", + "matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", + "matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x86:*", + "matchCriteriaId": "EDCDBC70-9AB7-47F3-BD61-28860EEE5065" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38144", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-381xx/CVE-2023-38146.json b/CVE-2023/CVE-2023-381xx/CVE-2023-38146.json index 5e746f4e2b0..147b9640e3a 100644 --- a/CVE-2023/CVE-2023-381xx/CVE-2023-38146.json +++ b/CVE-2023/CVE-2023-381xx/CVE-2023-38146.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38146", "sourceIdentifier": "secure@microsoft.com", "published": "2023-09-12T17:15:17.807", - "lastModified": "2023-09-12T19:38:09.050", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-14T20:16:10.510", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,50 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2416", + "matchCriteriaId": "42BAE974-E011-42BC-BE68-E394DFF2F92D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.2275", + "matchCriteriaId": "E1128C36-7004-461A-AF79-A530709E8B45" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38146", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-389xx/CVE-2023-38912.json b/CVE-2023/CVE-2023-389xx/CVE-2023-38912.json new file mode 100644 index 00000000000..bd190073774 --- /dev/null +++ b/CVE-2023/CVE-2023-389xx/CVE-2023-38912.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-38912", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-09-14T21:15:10.560", + "lastModified": "2023-09-14T21:15:10.560", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SQL injection vulnerability in Super Store Finder PHP Script v.3.6 allows a remote attacker to execute arbitrary code via a crafted payload to the username parameter." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://packetstormsecurity.com/files/173302/Super-Store-Finder-PHP-Script-3.6-SQL-Injection.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-400xx/CVE-2023-40060.json b/CVE-2023/CVE-2023-400xx/CVE-2023-40060.json index 978d9d7beed..cd4e82e7e61 100644 --- a/CVE-2023/CVE-2023-400xx/CVE-2023-40060.json +++ b/CVE-2023/CVE-2023-400xx/CVE-2023-40060.json @@ -2,8 +2,8 @@ "id": "CVE-2023-40060", "sourceIdentifier": "psirt@solarwinds.com", "published": "2023-09-07T16:15:08.227", - "lastModified": "2023-09-13T01:17:47.677", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-14T20:15:10.697", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -13,7 +13,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "psirt@solarwinds.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -33,45 +33,45 @@ "impactScore": 5.9 }, { - "source": "psirt@solarwinds.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", - "attackComplexity": "HIGH", + "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", - "baseScore": 6.6, - "baseSeverity": "MEDIUM" + "baseScore": 7.2, + "baseSeverity": "HIGH" }, - "exploitabilityScore": 0.7, + "exploitabilityScore": 1.2, "impactScore": 5.9 } ] }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "psirt@solarwinds.com", "type": "Primary", "description": [ { "lang": "en", - "value": "NVD-CWE-noinfo" + "value": "CWE-284" } ] }, { - "source": "psirt@solarwinds.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-284" + "value": "NVD-CWE-noinfo" } ] } diff --git a/CVE-2023/CVE-2023-40xx/CVE-2023-4039.json b/CVE-2023/CVE-2023-40xx/CVE-2023-4039.json index 41598e83e9a..a97559abe4c 100644 --- a/CVE-2023/CVE-2023-40xx/CVE-2023-4039.json +++ b/CVE-2023/CVE-2023-40xx/CVE-2023-4039.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4039", "sourceIdentifier": "arm-security@arm.com", "published": "2023-09-13T09:15:15.690", - "lastModified": "2023-09-13T12:55:59.447", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-14T20:01:22.590", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.2, + "impactScore": 2.5 + }, { "source": "arm-security@arm.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, { "source": "arm-security@arm.com", "type": "Secondary", @@ -46,14 +76,42 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gnu:gcc:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "2023-09-12", + "matchCriteriaId": "C8373A25-594D-4F3F-981B-0D02056992FC" + } + ] + } + ] + } + ], "references": [ { "url": "https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64", - "source": "arm-security@arm.com" + "source": "arm-security@arm.com", + "tags": [ + "Exploit", + "Patch", + "Third Party Advisory" + ] }, { "url": "https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf", - "source": "arm-security@arm.com" + "source": "arm-security@arm.com", + "tags": [ + "Exploit", + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-411xx/CVE-2023-41156.json b/CVE-2023/CVE-2023-411xx/CVE-2023-41156.json new file mode 100644 index 00000000000..8f4606b0f97 --- /dev/null +++ b/CVE-2023/CVE-2023-411xx/CVE-2023-41156.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-41156", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-09-14T21:15:10.630", + "lastModified": "2023-09-14T21:15:10.630", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A Stored Cross-Site Scripting (XSS) vulnerability in the filter and forward mail tab in Usermin 2.001 allows remote attackers to inject arbitrary web script or HTML via the save to new folder named field while creating a new filter." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/shindeanik/Usermin-2.001/blob/main/CVE-2023-41156", + "source": "cve@mitre.org" + }, + { + "url": "https://webmin.com/tags/webmin-changelog/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-411xx/CVE-2023-41159.json b/CVE-2023/CVE-2023-411xx/CVE-2023-41159.json new file mode 100644 index 00000000000..7dba7c7f155 --- /dev/null +++ b/CVE-2023/CVE-2023-411xx/CVE-2023-41159.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-41159", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-09-14T21:15:10.690", + "lastModified": "2023-09-14T21:15:10.690", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A Stored Cross-Site Scripting (XSS) vulnerability while editing the autoreply file page in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML by editing the forward file manually." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/shindeanik/Usermin-2.000/blob/main/CVE-2023-41159", + "source": "cve@mitre.org" + }, + { + "url": "https://webmin.com/tags/webmin-changelog/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-411xx/CVE-2023-41160.json b/CVE-2023/CVE-2023-411xx/CVE-2023-41160.json new file mode 100644 index 00000000000..6a9aa1dba26 --- /dev/null +++ b/CVE-2023/CVE-2023-411xx/CVE-2023-41160.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-41160", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-09-14T21:15:10.750", + "lastModified": "2023-09-14T21:15:10.750", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A Stored Cross-Site Scripting (XSS) vulnerability in the SSH configuration tab in Usermin 2.001 allows remote attackers to inject arbitrary web script or HTML via the key name field while adding an authorized key." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/shindeanik/Usermin-2.001/blob/main/CVE-2023-41160", + "source": "cve@mitre.org" + }, + { + "url": "https://webmin.com/tags/webmin-changelog/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-415xx/CVE-2023-41588.json b/CVE-2023/CVE-2023-415xx/CVE-2023-41588.json new file mode 100644 index 00000000000..04328105ea8 --- /dev/null +++ b/CVE-2023/CVE-2023-415xx/CVE-2023-41588.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-41588", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-09-14T20:15:10.840", + "lastModified": "2023-09-14T20:15:10.840", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A cross-site scripting (XSS) vulnerability in Time to SLA plugin v10.13.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the durationFormat parameter." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/xsn1210/poc2", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/xsn1210/poc2/blob/main/xss%5BTime%20to%20SLA%5D.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-423xx/CVE-2023-42362.json b/CVE-2023/CVE-2023-423xx/CVE-2023-42362.json new file mode 100644 index 00000000000..5004de679fe --- /dev/null +++ b/CVE-2023/CVE-2023-423xx/CVE-2023-42362.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-42362", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-09-14T21:15:10.833", + "lastModified": "2023-09-14T21:15:10.833", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An arbitrary file upload vulnerability in Teller Web App v.4.4.0 allows a remote attacker to execute arbitrary commands and obtain sensitive information via uploading a crafted file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Mr-n0b3dy/CVE-2023-42362", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4563.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4563.json new file mode 100644 index 00000000000..b201a80dae5 --- /dev/null +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4563.json @@ -0,0 +1,15 @@ +{ + "id": "CVE-2023-4563", + "sourceIdentifier": "secalert@redhat.com", + "published": "2023-09-14T20:15:11.837", + "lastModified": "2023-09-14T20:15:11.837", + "vulnStatus": "Rejected", + "descriptions": [ + { + "lang": "en", + "value": "** REJECT ** This was assigned as a duplicate of CVE-2023-4244." + } + ], + "metrics": {}, + "references": [] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-46xx/CVE-2023-4676.json b/CVE-2023/CVE-2023-46xx/CVE-2023-4676.json new file mode 100644 index 00000000000..a1edc8ebd29 --- /dev/null +++ b/CVE-2023/CVE-2023-46xx/CVE-2023-4676.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-4676", + "sourceIdentifier": "cve@usom.gov.tr", + "published": "2023-09-14T20:15:11.923", + "lastModified": "2023-09-14T20:15:11.923", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yordam MedasPro allows Reflected XSS.This issue affects MedasPro: before 28.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@usom.gov.tr", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "cve@usom.gov.tr", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.usom.gov.tr/bildirim/tr-23-0527", + "source": "cve@usom.gov.tr" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-47xx/CVE-2023-4702.json b/CVE-2023/CVE-2023-47xx/CVE-2023-4702.json new file mode 100644 index 00000000000..346abdcf804 --- /dev/null +++ b/CVE-2023/CVE-2023-47xx/CVE-2023-4702.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-4702", + "sourceIdentifier": "cve@usom.gov.tr", + "published": "2023-09-14T20:15:12.373", + "lastModified": "2023-09-14T20:15:12.373", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in Yepas Digital Yepas allows Authentication Bypass.This issue affects Digital Yepas: before 1.0.1.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@usom.gov.tr", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 10.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "cve@usom.gov.tr", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-288" + } + ] + } + ], + "references": [ + { + "url": "https://www.usom.gov.tr/bildirim/tr-23-0526", + "source": "cve@usom.gov.tr" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-48xx/CVE-2023-4863.json b/CVE-2023/CVE-2023-48xx/CVE-2023-4863.json index cc04803d0ed..cf81217831d 100644 --- a/CVE-2023/CVE-2023-48xx/CVE-2023-4863.json +++ b/CVE-2023/CVE-2023-48xx/CVE-2023-4863.json @@ -2,8 +2,12 @@ "id": "CVE-2023-4863", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2023-09-12T15:15:24.327", - "lastModified": "2023-09-13T17:15:10.317", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-09-14T21:15:10.900", + "vulnStatus": "Awaiting Analysis", + "cisaExploitAdd": "2023-09-13", + "cisaActionDue": "2023-10-04", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Google Chromium Heap-Based Buffer Overflow Vulnerability", "descriptions": [ { "lang": "en", @@ -52,6 +56,14 @@ "url": "https://www.bleepingcomputer.com/news/google/google-fixes-another-chrome-zero-day-bug-exploited-in-attacks/", "source": "chrome-cve-admin@google.com" }, + { + "url": "https://www.debian.org/security/2023/dsa-5496", + "source": "chrome-cve-admin@google.com" + }, + { + "url": "https://www.debian.org/security/2023/dsa-5497", + "source": "chrome-cve-admin@google.com" + }, { "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/", "source": "chrome-cve-admin@google.com" diff --git a/CVE-2023/CVE-2023-49xx/CVE-2023-4965.json b/CVE-2023/CVE-2023-49xx/CVE-2023-4965.json new file mode 100644 index 00000000000..2c8baa033be --- /dev/null +++ b/CVE-2023/CVE-2023-49xx/CVE-2023-4965.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-4965", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-09-14T20:15:12.880", + "lastModified": "2023-09-14T20:15:12.880", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in phpipam 1.5.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Header Handler. The manipulation of the argument X-Forwarded-Host leads to open redirect. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-239732." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 2.7, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.2, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "MULTIPLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 3.3 + }, + "baseSeverity": "LOW", + "exploitabilityScore": 6.4, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-601" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/ctflearner/Vulnerability/blob/main/PHPIPAM/Open_Redirect.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.239732", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.239732", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-49xx/CVE-2023-4972.json b/CVE-2023/CVE-2023-49xx/CVE-2023-4972.json new file mode 100644 index 00000000000..a1ca054336e --- /dev/null +++ b/CVE-2023/CVE-2023-49xx/CVE-2023-4972.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-4972", + "sourceIdentifier": "cve@usom.gov.tr", + "published": "2023-09-14T20:15:13.403", + "lastModified": "2023-09-14T20:15:13.403", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Privilege Management vulnerability in Yepas Digital Yepas allows Collect Data as Provided by Users.This issue affects .\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@usom.gov.tr", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 10.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "cve@usom.gov.tr", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] + } + ], + "references": [ + { + "url": "https://www.usom.gov.tr/bildirim/tr-23-0526", + "source": "cve@usom.gov.tr" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index af3bdb7bc8f..4fc9e8f294d 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-09-14T20:00:25.931390+00:00 +2023-09-14T22:00:26.458013+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-09-14T19:38:11.107000+00:00 +2023-09-14T21:15:10.900000+00:00 ``` ### Last Data Feed Release @@ -29,69 +29,67 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -225590 +225613 ``` ### CVEs added in the last Commit -Recently added CVEs: `669` +Recently added CVEs: `23` -* [CVE-2019-8884](CVE-2019/CVE-2019-88xx/CVE-2019-8884.json) (`2023-09-14T19:16:50.017`) -* [CVE-2019-8885](CVE-2019/CVE-2019-88xx/CVE-2019-8885.json) (`2023-09-14T19:16:50.077`) -* [CVE-2019-8886](CVE-2019/CVE-2019-88xx/CVE-2019-8886.json) (`2023-09-14T19:16:50.137`) -* [CVE-2019-8887](CVE-2019/CVE-2019-88xx/CVE-2019-8887.json) (`2023-09-14T19:16:50.187`) -* [CVE-2019-8888](CVE-2019/CVE-2019-88xx/CVE-2019-8888.json) (`2023-09-14T19:16:50.237`) -* [CVE-2019-8889](CVE-2019/CVE-2019-88xx/CVE-2019-8889.json) (`2023-09-14T19:16:50.290`) -* [CVE-2019-8890](CVE-2019/CVE-2019-88xx/CVE-2019-8890.json) (`2023-09-14T19:16:50.343`) -* [CVE-2019-8891](CVE-2019/CVE-2019-88xx/CVE-2019-8891.json) (`2023-09-14T19:16:50.393`) -* [CVE-2019-8892](CVE-2019/CVE-2019-88xx/CVE-2019-8892.json) (`2023-09-14T19:16:50.447`) -* [CVE-2019-8893](CVE-2019/CVE-2019-88xx/CVE-2019-8893.json) (`2023-09-14T19:16:50.497`) -* [CVE-2019-8894](CVE-2019/CVE-2019-88xx/CVE-2019-8894.json) (`2023-09-14T19:16:50.547`) -* [CVE-2019-8895](CVE-2019/CVE-2019-88xx/CVE-2019-8895.json) (`2023-09-14T19:16:50.597`) -* [CVE-2019-8896](CVE-2019/CVE-2019-88xx/CVE-2019-8896.json) (`2023-09-14T19:16:50.647`) -* [CVE-2019-8897](CVE-2019/CVE-2019-88xx/CVE-2019-8897.json) (`2023-09-14T19:16:50.693`) -* [CVE-2019-8899](CVE-2019/CVE-2019-88xx/CVE-2019-8899.json) (`2023-09-14T19:16:50.747`) -* [CVE-2021-1842](CVE-2021/CVE-2021-18xx/CVE-2021-1842.json) (`2023-09-14T18:15:08.517`) -* [CVE-2023-1576](CVE-2023/CVE-2023-15xx/CVE-2023-1576.json) (`2023-09-14T18:15:09.053`) -* [CVE-2023-40779](CVE-2023/CVE-2023-407xx/CVE-2023-40779.json) (`2023-09-14T18:15:09.253`) -* [CVE-2023-41010](CVE-2023/CVE-2023-410xx/CVE-2023-41010.json) (`2023-09-14T18:15:09.313`) -* [CVE-2023-4832](CVE-2023/CVE-2023-48xx/CVE-2023-4832.json) (`2023-09-14T18:15:09.477`) -* [CVE-2023-39285](CVE-2023/CVE-2023-392xx/CVE-2023-39285.json) (`2023-09-14T19:16:50.847`) -* [CVE-2023-39286](CVE-2023/CVE-2023-392xx/CVE-2023-39286.json) (`2023-09-14T19:16:50.907`) -* [CVE-2023-41011](CVE-2023/CVE-2023-410xx/CVE-2023-41011.json) (`2023-09-14T19:16:50.960`) -* [CVE-2023-4669](CVE-2023/CVE-2023-46xx/CVE-2023-4669.json) (`2023-09-14T19:16:51.013`) -* [CVE-2023-4766](CVE-2023/CVE-2023-47xx/CVE-2023-4766.json) (`2023-09-14T19:16:51.113`) +* [CVE-2023-29499](CVE-2023/CVE-2023-294xx/CVE-2023-29499.json) (`2023-09-14T20:15:09.420`) +* [CVE-2023-32611](CVE-2023/CVE-2023-326xx/CVE-2023-32611.json) (`2023-09-14T20:15:09.550`) +* [CVE-2023-32636](CVE-2023/CVE-2023-326xx/CVE-2023-32636.json) (`2023-09-14T20:15:09.653`) +* [CVE-2023-32643](CVE-2023/CVE-2023-326xx/CVE-2023-32643.json) (`2023-09-14T20:15:09.770`) +* [CVE-2023-32665](CVE-2023/CVE-2023-326xx/CVE-2023-32665.json) (`2023-09-14T20:15:09.883`) +* [CVE-2023-37739](CVE-2023/CVE-2023-377xx/CVE-2023-37739.json) (`2023-09-14T20:15:10.400`) +* [CVE-2023-41588](CVE-2023/CVE-2023-415xx/CVE-2023-41588.json) (`2023-09-14T20:15:10.840`) +* [CVE-2023-4563](CVE-2023/CVE-2023-45xx/CVE-2023-4563.json) (`2023-09-14T20:15:11.837`) +* [CVE-2023-4676](CVE-2023/CVE-2023-46xx/CVE-2023-4676.json) (`2023-09-14T20:15:11.923`) +* [CVE-2023-4702](CVE-2023/CVE-2023-47xx/CVE-2023-4702.json) (`2023-09-14T20:15:12.373`) +* [CVE-2023-4965](CVE-2023/CVE-2023-49xx/CVE-2023-4965.json) (`2023-09-14T20:15:12.880`) +* [CVE-2023-4972](CVE-2023/CVE-2023-49xx/CVE-2023-4972.json) (`2023-09-14T20:15:13.403`) +* [CVE-2023-25584](CVE-2023/CVE-2023-255xx/CVE-2023-25584.json) (`2023-09-14T21:15:10.023`) +* [CVE-2023-25585](CVE-2023/CVE-2023-255xx/CVE-2023-25585.json) (`2023-09-14T21:15:10.147`) +* [CVE-2023-25586](CVE-2023/CVE-2023-255xx/CVE-2023-25586.json) (`2023-09-14T21:15:10.240`) +* [CVE-2023-25588](CVE-2023/CVE-2023-255xx/CVE-2023-25588.json) (`2023-09-14T21:15:10.320`) +* [CVE-2023-37755](CVE-2023/CVE-2023-377xx/CVE-2023-37755.json) (`2023-09-14T20:15:10.477`) +* [CVE-2023-37756](CVE-2023/CVE-2023-377xx/CVE-2023-37756.json) (`2023-09-14T21:15:10.497`) +* [CVE-2023-38912](CVE-2023/CVE-2023-389xx/CVE-2023-38912.json) (`2023-09-14T21:15:10.560`) +* [CVE-2023-41156](CVE-2023/CVE-2023-411xx/CVE-2023-41156.json) (`2023-09-14T21:15:10.630`) +* [CVE-2023-41159](CVE-2023/CVE-2023-411xx/CVE-2023-41159.json) (`2023-09-14T21:15:10.690`) +* [CVE-2023-41160](CVE-2023/CVE-2023-411xx/CVE-2023-41160.json) (`2023-09-14T21:15:10.750`) +* [CVE-2023-42362](CVE-2023/CVE-2023-423xx/CVE-2023-42362.json) (`2023-09-14T21:15:10.833`) ### CVEs modified in the last Commit -Recently modified CVEs: `25` +Recently modified CVEs: `29` -* [CVE-2021-28485](CVE-2021/CVE-2021-284xx/CVE-2021-28485.json) (`2023-09-14T18:32:35.497`) -* [CVE-2022-38112](CVE-2022/CVE-2022-381xx/CVE-2022-38112.json) (`2023-09-14T18:15:08.820`) -* [CVE-2023-41846](CVE-2023/CVE-2023-418xx/CVE-2023-41846.json) (`2023-09-14T18:00:49.853`) -* [CVE-2023-31284](CVE-2023/CVE-2023-312xx/CVE-2023-31284.json) (`2023-09-14T18:15:09.147`) -* [CVE-2023-41267](CVE-2023/CVE-2023-412xx/CVE-2023-41267.json) (`2023-09-14T18:15:09.383`) -* [CVE-2023-36736](CVE-2023/CVE-2023-367xx/CVE-2023-36736.json) (`2023-09-14T18:20:43.850`) -* [CVE-2023-35355](CVE-2023/CVE-2023-353xx/CVE-2023-35355.json) (`2023-09-14T18:24:00.313`) -* [CVE-2023-41764](CVE-2023/CVE-2023-417xx/CVE-2023-41764.json) (`2023-09-14T18:26:48.153`) -* [CVE-2023-38162](CVE-2023/CVE-2023-381xx/CVE-2023-38162.json) (`2023-09-14T18:29:23.190`) -* [CVE-2023-37878](CVE-2023/CVE-2023-378xx/CVE-2023-37878.json) (`2023-09-14T18:31:44.793`) -* [CVE-2023-37875](CVE-2023/CVE-2023-378xx/CVE-2023-37875.json) (`2023-09-14T18:32:08.477`) -* [CVE-2023-1108](CVE-2023/CVE-2023-11xx/CVE-2023-1108.json) (`2023-09-14T18:32:35.497`) -* [CVE-2023-30909](CVE-2023/CVE-2023-309xx/CVE-2023-30909.json) (`2023-09-14T18:32:35.497`) -* [CVE-2023-42178](CVE-2023/CVE-2023-421xx/CVE-2023-42178.json) (`2023-09-14T18:32:35.497`) -* [CVE-2023-42180](CVE-2023/CVE-2023-421xx/CVE-2023-42180.json) (`2023-09-14T18:32:35.497`) -* [CVE-2023-36250](CVE-2023/CVE-2023-362xx/CVE-2023-36250.json) (`2023-09-14T18:32:35.497`) -* [CVE-2023-4951](CVE-2023/CVE-2023-49xx/CVE-2023-4951.json) (`2023-09-14T18:32:35.497`) -* [CVE-2023-38161](CVE-2023/CVE-2023-381xx/CVE-2023-38161.json) (`2023-09-14T18:33:24.090`) -* [CVE-2023-38160](CVE-2023/CVE-2023-381xx/CVE-2023-38160.json) (`2023-09-14T18:46:43.170`) -* [CVE-2023-38156](CVE-2023/CVE-2023-381xx/CVE-2023-38156.json) (`2023-09-14T18:51:33.217`) -* [CVE-2023-36771](CVE-2023/CVE-2023-367xx/CVE-2023-36771.json) (`2023-09-14T18:54:04.113`) -* [CVE-2023-38147](CVE-2023/CVE-2023-381xx/CVE-2023-38147.json) (`2023-09-14T18:54:53.190`) -* [CVE-2023-36770](CVE-2023/CVE-2023-367xx/CVE-2023-36770.json) (`2023-09-14T18:58:02.537`) -* [CVE-2023-36760](CVE-2023/CVE-2023-367xx/CVE-2023-36760.json) (`2023-09-14T19:00:45.113`) -* [CVE-2023-4921](CVE-2023/CVE-2023-49xx/CVE-2023-4921.json) (`2023-09-14T19:38:11.107`) +* [CVE-2023-36804](CVE-2023/CVE-2023-368xx/CVE-2023-36804.json) (`2023-09-14T20:14:09.980`) +* [CVE-2023-38139](CVE-2023/CVE-2023-381xx/CVE-2023-38139.json) (`2023-09-14T20:14:21.843`) +* [CVE-2023-38140](CVE-2023/CVE-2023-381xx/CVE-2023-38140.json) (`2023-09-14T20:14:42.167`) +* [CVE-2023-38141](CVE-2023/CVE-2023-381xx/CVE-2023-38141.json) (`2023-09-14T20:14:59.463`) +* [CVE-2023-23842](CVE-2023/CVE-2023-238xx/CVE-2023-23842.json) (`2023-09-14T20:15:09.147`) +* [CVE-2023-33225](CVE-2023/CVE-2023-332xx/CVE-2023-33225.json) (`2023-09-14T20:15:09.977`) +* [CVE-2023-33229](CVE-2023/CVE-2023-332xx/CVE-2023-33229.json) (`2023-09-14T20:15:10.107`) +* [CVE-2023-35179](CVE-2023/CVE-2023-351xx/CVE-2023-35179.json) (`2023-09-14T20:15:10.237`) +* [CVE-2023-3622](CVE-2023/CVE-2023-36xx/CVE-2023-3622.json) (`2023-09-14T20:15:10.560`) +* [CVE-2023-40060](CVE-2023/CVE-2023-400xx/CVE-2023-40060.json) (`2023-09-14T20:15:10.697`) +* [CVE-2023-38142](CVE-2023/CVE-2023-381xx/CVE-2023-38142.json) (`2023-09-14T20:15:11.673`) +* [CVE-2023-38143](CVE-2023/CVE-2023-381xx/CVE-2023-38143.json) (`2023-09-14T20:15:26.570`) +* [CVE-2023-38144](CVE-2023/CVE-2023-381xx/CVE-2023-38144.json) (`2023-09-14T20:15:41.220`) +* [CVE-2023-38146](CVE-2023/CVE-2023-381xx/CVE-2023-38146.json) (`2023-09-14T20:16:10.510`) +* [CVE-2023-36773](CVE-2023/CVE-2023-367xx/CVE-2023-36773.json) (`2023-09-14T20:18:56.670`) +* [CVE-2023-36777](CVE-2023/CVE-2023-367xx/CVE-2023-36777.json) (`2023-09-14T20:19:15.323`) +* [CVE-2023-36788](CVE-2023/CVE-2023-367xx/CVE-2023-36788.json) (`2023-09-14T20:19:29.113`) +* [CVE-2023-36792](CVE-2023/CVE-2023-367xx/CVE-2023-36792.json) (`2023-09-14T20:21:09.883`) +* [CVE-2023-36793](CVE-2023/CVE-2023-367xx/CVE-2023-36793.json) (`2023-09-14T20:21:16.583`) +* [CVE-2023-36794](CVE-2023/CVE-2023-367xx/CVE-2023-36794.json) (`2023-09-14T20:21:25.387`) +* [CVE-2023-36796](CVE-2023/CVE-2023-367xx/CVE-2023-36796.json) (`2023-09-14T20:21:35.087`) +* [CVE-2023-36799](CVE-2023/CVE-2023-367xx/CVE-2023-36799.json) (`2023-09-14T20:21:52.743`) +* [CVE-2023-36800](CVE-2023/CVE-2023-368xx/CVE-2023-36800.json) (`2023-09-14T20:22:15.590`) +* [CVE-2023-36801](CVE-2023/CVE-2023-368xx/CVE-2023-36801.json) (`2023-09-14T20:22:28.163`) +* [CVE-2023-4863](CVE-2023/CVE-2023-48xx/CVE-2023-4863.json) (`2023-09-14T21:15:10.900`) ## Download and Usage