From a67439a459d216857a9fbffaf8615567ddd48403 Mon Sep 17 00:00:00 2001
From: cad-safe-bot <cad-safe-bot@protonmail.com>
Date: Tue, 16 Jan 2024 05:00:27 +0000
Subject: [PATCH] Auto-Update: 2024-01-16T05:00:24.211239+00:00

---
 CVE-2022/CVE-2022-343xx/CVE-2022-34364.json | 16 +++---
 CVE-2024/CVE-2024-223xx/CVE-2024-22362.json | 32 ++++++++++++
 CVE-2024/CVE-2024-224xx/CVE-2024-22428.json | 55 +++++++++++++++++++++
 README.md                                   | 35 +++----------
 4 files changed, 103 insertions(+), 35 deletions(-)
 create mode 100644 CVE-2024/CVE-2024-223xx/CVE-2024-22362.json
 create mode 100644 CVE-2024/CVE-2024-224xx/CVE-2024-22428.json

diff --git a/CVE-2022/CVE-2022-343xx/CVE-2022-34364.json b/CVE-2022/CVE-2022-343xx/CVE-2022-34364.json
index ff48f3cab48..0ba34b6149d 100644
--- a/CVE-2022/CVE-2022-343xx/CVE-2022-34364.json
+++ b/CVE-2022/CVE-2022-343xx/CVE-2022-34364.json
@@ -2,12 +2,12 @@
   "id": "CVE-2022-34364",
   "sourceIdentifier": "security_alert@emc.com",
   "published": "2023-02-10T20:15:52.917",
-  "lastModified": "2023-11-07T03:48:34.220",
+  "lastModified": "2024-01-16T04:15:07.733",
   "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
-      "value": "\nDell BSAFE SSL-J when used in debug mode can reveal unnecessary information. An attacker could potentially exploit this vulnerability and have access to private information.\n\n\n\n\n\n"
+      "value": "\n\n\nDell BSAFE SSL-J, versions before 6.5 and version 7.0 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a locally privileged user.\n\n\n\n\n\n\n\n"
     }
   ],
   "metrics": {
@@ -33,23 +33,23 @@
         "impactScore": 3.6
       },
       {
-        "source": "c550e75a-17ff-4988-97f0-544cde3820fe",
+        "source": "security_alert@emc.com",
         "type": "Secondary",
         "cvssData": {
           "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
           "attackVector": "LOCAL",
           "attackComplexity": "LOW",
-          "privilegesRequired": "LOW",
+          "privilegesRequired": "HIGH",
           "userInteraction": "NONE",
           "scope": "UNCHANGED",
           "confidentialityImpact": "HIGH",
           "integrityImpact": "NONE",
           "availabilityImpact": "NONE",
-          "baseScore": 5.5,
+          "baseScore": 4.4,
           "baseSeverity": "MEDIUM"
         },
-        "exploitabilityScore": 1.8,
+        "exploitabilityScore": 0.8,
         "impactScore": 3.6
       }
     ]
@@ -66,7 +66,7 @@
       ]
     },
     {
-      "source": "c550e75a-17ff-4988-97f0-544cde3820fe",
+      "source": "security_alert@emc.com",
       "type": "Secondary",
       "description": [
         {
diff --git a/CVE-2024/CVE-2024-223xx/CVE-2024-22362.json b/CVE-2024/CVE-2024-223xx/CVE-2024-22362.json
new file mode 100644
index 00000000000..7f9145c8893
--- /dev/null
+++ b/CVE-2024/CVE-2024-223xx/CVE-2024-22362.json
@@ -0,0 +1,32 @@
+{
+  "id": "CVE-2024-22362",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2024-01-16T04:15:07.993",
+  "lastModified": "2024-01-16T04:15:07.993",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Drupal contains a vulnerability with improper handling of structural elements. If this vulnerability is exploited, an attacker may be able to cause a denial-of-service (DoS) condition."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/drupal/drupal",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://jvn.jp/en/jp/JVN63383723/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.drupal.org/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.drupal.org/about/core/policies/core-release-cycles/schedule",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2024/CVE-2024-224xx/CVE-2024-22428.json b/CVE-2024/CVE-2024-224xx/CVE-2024-22428.json
new file mode 100644
index 00000000000..4cf8473501b
--- /dev/null
+++ b/CVE-2024/CVE-2024-224xx/CVE-2024-22428.json
@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2024-22428",
+  "sourceIdentifier": "security_alert@emc.com",
+  "published": "2024-01-16T04:15:08.067",
+  "lastModified": "2024-01-16T04:15:08.067",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "\nDell iDRAC Service Module, versions 5.2.0.0 and prior, contain an Incorrect Default Permissions vulnerability.\u00a0It may allow a local unprivileged user to escalate privileges and execute arbitrary code on the affected system. Dell recommends customers upgrade at the earliest opportunity.\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security_alert@emc.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "LOCAL",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.0,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 1.0,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security_alert@emc.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-276"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.dell.com/support/kbdoc/en-us/000221129/dsa-2024-018-security-update-for-dell-idrac-service-module-for-weak-folder-permission-vulnerabilities",
+      "source": "security_alert@emc.com"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/README.md b/README.md
index 8c74bc4017c..f10f31a809a 100644
--- a/README.md
+++ b/README.md
@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-01-16T03:00:25.713699+00:00
+2024-01-16T05:00:24.211239+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-01-16T02:15:28.590000+00:00
+2024-01-16T04:15:08.067000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,41 +29,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-235948
+235950
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `12`
+Recently added CVEs: `2`
 
-* [CVE-2023-41619](CVE-2023/CVE-2023-416xx/CVE-2023-41619.json) (`2024-01-16T01:15:34.233`)
-* [CVE-2023-47459](CVE-2023/CVE-2023-474xx/CVE-2023-47459.json) (`2024-01-16T01:15:34.283`)
-* [CVE-2023-47460](CVE-2023/CVE-2023-474xx/CVE-2023-47460.json) (`2024-01-16T01:15:34.327`)
-* [CVE-2023-48104](CVE-2023/CVE-2023-481xx/CVE-2023-48104.json) (`2024-01-16T01:15:34.370`)
-* [CVE-2023-49106](CVE-2023/CVE-2023-491xx/CVE-2023-49106.json) (`2024-01-16T01:15:34.423`)
-* [CVE-2023-49107](CVE-2023/CVE-2023-491xx/CVE-2023-49107.json) (`2024-01-16T01:15:34.630`)
-* [CVE-2023-51810](CVE-2023/CVE-2023-518xx/CVE-2023-51810.json) (`2024-01-16T01:15:34.900`)
-* [CVE-2023-6457](CVE-2023/CVE-2023-64xx/CVE-2023-6457.json) (`2024-01-16T01:15:34.950`)
-* [CVE-2023-43449](CVE-2023/CVE-2023-434xx/CVE-2023-43449.json) (`2024-01-16T02:15:28.420`)
-* [CVE-2023-51059](CVE-2023/CVE-2023-510xx/CVE-2023-51059.json) (`2024-01-16T02:15:28.480`)
-* [CVE-2023-51257](CVE-2023/CVE-2023-512xx/CVE-2023-51257.json) (`2024-01-16T02:15:28.537`)
-* [CVE-2023-51282](CVE-2023/CVE-2023-512xx/CVE-2023-51282.json) (`2024-01-16T02:15:28.590`)
+* [CVE-2024-22362](CVE-2024/CVE-2024-223xx/CVE-2024-22362.json) (`2024-01-16T04:15:07.993`)
+* [CVE-2024-22428](CVE-2024/CVE-2024-224xx/CVE-2024-22428.json) (`2024-01-16T04:15:08.067`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `10`
+Recently modified CVEs: `1`
 
-* [CVE-2009-4128](CVE-2009/CVE-2009-41xx/CVE-2009-4128.json) (`2024-01-16T01:15:33.613`)
-* [CVE-2012-2314](CVE-2012/CVE-2012-23xx/CVE-2012-2314.json) (`2024-01-16T01:15:33.763`)
-* [CVE-2013-4577](CVE-2013/CVE-2013-45xx/CVE-2013-4577.json) (`2024-01-16T01:15:33.860`)
-* [CVE-2015-8370](CVE-2015/CVE-2015-83xx/CVE-2015-8370.json) (`2024-01-16T01:15:33.947`)
-* [CVE-2021-3981](CVE-2021/CVE-2021-39xx/CVE-2021-3981.json) (`2024-01-16T01:15:34.110`)
-* [CVE-2022-46480](CVE-2022/CVE-2022-464xx/CVE-2022-46480.json) (`2024-01-16T02:15:28.090`)
-* [CVE-2023-4001](CVE-2023/CVE-2023-40xx/CVE-2023-4001.json) (`2024-01-16T01:15:34.820`)
-* [CVE-2023-26941](CVE-2023/CVE-2023-269xx/CVE-2023-26941.json) (`2024-01-16T02:15:28.207`)
-* [CVE-2023-26942](CVE-2023/CVE-2023-269xx/CVE-2023-26942.json) (`2024-01-16T02:15:28.283`)
-* [CVE-2023-26943](CVE-2023/CVE-2023-269xx/CVE-2023-26943.json) (`2024-01-16T02:15:28.350`)
+* [CVE-2022-34364](CVE-2022/CVE-2022-343xx/CVE-2022-34364.json) (`2024-01-16T04:15:07.733`)
 
 
 ## Download and Usage