From b223d464af78c15efbd8003dc1a5c78d63b717db Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Fri, 19 Jan 2024 03:00:28 +0000 Subject: [PATCH] Auto-Update: 2024-01-19T03:00:24.915278+00:00 --- CVE-2023/CVE-2023-312xx/CVE-2023-31211.json | 643 +++++++++++++++++++- CVE-2023/CVE-2023-323xx/CVE-2023-32337.json | 59 ++ CVE-2023/CVE-2023-350xx/CVE-2023-35020.json | 59 ++ CVE-2023/CVE-2023-350xx/CVE-2023-35082.json | 6 +- CVE-2023/CVE-2023-371xx/CVE-2023-37117.json | 71 ++- CVE-2023/CVE-2023-387xx/CVE-2023-38738.json | 59 ++ CVE-2023/CVE-2023-403xx/CVE-2023-40362.json | 70 ++- CVE-2023/CVE-2023-406xx/CVE-2023-40683.json | 59 ++ CVE-2023/CVE-2023-438xx/CVE-2023-43815.json | 4 +- CVE-2023/CVE-2023-438xx/CVE-2023-43816.json | 4 +- CVE-2023/CVE-2023-438xx/CVE-2023-43817.json | 4 +- CVE-2023/CVE-2023-438xx/CVE-2023-43818.json | 4 +- CVE-2023/CVE-2023-438xx/CVE-2023-43819.json | 4 +- CVE-2023/CVE-2023-438xx/CVE-2023-43820.json | 4 +- CVE-2023/CVE-2023-438xx/CVE-2023-43821.json | 4 +- CVE-2023/CVE-2023-438xx/CVE-2023-43822.json | 4 +- CVE-2023/CVE-2023-438xx/CVE-2023-43823.json | 4 +- CVE-2023/CVE-2023-438xx/CVE-2023-43824.json | 4 +- CVE-2023/CVE-2023-468xx/CVE-2023-46805.json | 8 +- CVE-2023/CVE-2023-477xx/CVE-2023-47718.json | 63 ++ CVE-2023/CVE-2023-492xx/CVE-2023-49255.json | 83 ++- CVE-2023/CVE-2023-492xx/CVE-2023-49262.json | 83 ++- CVE-2023/CVE-2023-506xx/CVE-2023-50614.json | 4 +- CVE-2023/CVE-2023-509xx/CVE-2023-50919.json | 434 ++++++++++++- CVE-2023/CVE-2023-509xx/CVE-2023-50920.json | 434 ++++++++++++- CVE-2023/CVE-2023-509xx/CVE-2023-50963.json | 59 ++ CVE-2023/CVE-2023-512xx/CVE-2023-51217.json | 4 +- CVE-2023/CVE-2023-512xx/CVE-2023-51258.json | 4 +- CVE-2023/CVE-2023-51xx/CVE-2023-5130.json | 4 +- CVE-2023/CVE-2023-51xx/CVE-2023-5131.json | 4 +- CVE-2023/CVE-2023-65xx/CVE-2023-6548.json | 6 +- CVE-2023/CVE-2023-65xx/CVE-2023-6549.json | 6 +- CVE-2023/CVE-2023-67xx/CVE-2023-6735.json | 643 +++++++++++++++++++- CVE-2023/CVE-2023-67xx/CVE-2023-6740.json | 643 +++++++++++++++++++- CVE-2024/CVE-2024-05xx/CVE-2024-0503.json | 63 +- CVE-2024/CVE-2024-05xx/CVE-2024-0519.json | 10 +- CVE-2024/CVE-2024-06xx/CVE-2024-0693.json | 4 +- CVE-2024/CVE-2024-06xx/CVE-2024-0695.json | 4 +- CVE-2024/CVE-2024-06xx/CVE-2024-0696.json | 4 +- CVE-2024/CVE-2024-218xx/CVE-2024-21887.json | 8 +- CVE-2024/CVE-2024-222xx/CVE-2024-22213.json | 4 +- CVE-2024/CVE-2024-224xx/CVE-2024-22400.json | 4 +- CVE-2024/CVE-2024-224xx/CVE-2024-22401.json | 4 +- CVE-2024/CVE-2024-224xx/CVE-2024-22402.json | 4 +- CVE-2024/CVE-2024-224xx/CVE-2024-22403.json | 4 +- CVE-2024/CVE-2024-224xx/CVE-2024-22404.json | 4 +- CVE-2024/CVE-2024-224xx/CVE-2024-22415.json | 4 +- CVE-2024/CVE-2024-224xx/CVE-2024-22418.json | 4 +- CVE-2024/CVE-2024-224xx/CVE-2024-22422.json | 59 ++ CVE-2024/CVE-2024-224xx/CVE-2024-22424.json | 63 ++ README.md | 73 +-- 51 files changed, 3732 insertions(+), 136 deletions(-) create mode 100644 CVE-2023/CVE-2023-323xx/CVE-2023-32337.json create mode 100644 CVE-2023/CVE-2023-350xx/CVE-2023-35020.json create mode 100644 CVE-2023/CVE-2023-387xx/CVE-2023-38738.json create mode 100644 CVE-2023/CVE-2023-406xx/CVE-2023-40683.json create mode 100644 CVE-2023/CVE-2023-477xx/CVE-2023-47718.json create mode 100644 CVE-2023/CVE-2023-509xx/CVE-2023-50963.json create mode 100644 CVE-2024/CVE-2024-224xx/CVE-2024-22422.json create mode 100644 CVE-2024/CVE-2024-224xx/CVE-2024-22424.json diff --git a/CVE-2023/CVE-2023-312xx/CVE-2023-31211.json b/CVE-2023/CVE-2023-312xx/CVE-2023-31211.json index 39c361473b7..0cc9b3e41e2 100644 --- a/CVE-2023/CVE-2023-312xx/CVE-2023-31211.json +++ b/CVE-2023/CVE-2023-312xx/CVE-2023-31211.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31211", "sourceIdentifier": "security@checkmk.com", "published": "2024-01-12T08:15:43.137", - "lastModified": "2024-01-12T14:15:48.050", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-19T02:09:26.650", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "security@checkmk.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-670" + } + ] + }, { "source": "security@checkmk.com", "type": "Secondary", @@ -50,10 +80,617 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.0.0", + "matchCriteriaId": "8AF09C00-1AEF-4502-8C7B-3B68F2C35D34" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "7AE78B5E-2D00-462B-AC0E-5E68BC36ED1B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "9D69AA9A-C6FF-4A9F-8B02-2F207C4150FD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "452F359B-BCB5-46E0-A77A-383C3C2E2D60" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "D9A66C28-A2BA-4091-AB4C-05CDB1D3777F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "463A4A68-810B-4C20-A696-4F94DB20224B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "F4459581-214F-423B-A29D-31C789FD7F1C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "CC0CFABC-A53C-4FD3-A57A-CB72C87A034B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "F96B08FA-8129-4880-86FE-47B08C2B6964" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:i1:*:*:*:*:*:*", + "matchCriteriaId": "CAEB960C-5A5E-4F7C-8588-3F6737AE5DCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "3CB134CD-0746-47C8-BAB8-2AE9C083C4D2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "E4B5DDAA-F7B5-4BFD-836E-F7DA0FC7B0C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "A4DA5440-F376-4952-ABCB-AC557C5944A9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "DB7DB93B-CDD2-4662-893B-6E36F9EDA7FF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "81DFD64A-FEFD-4EBA-B6EC-28D3F0EEC33B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "918ACC6A-2EE8-401F-B18A-94B8757B202E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "1B6AE143-5A29-4EE8-AF7D-5D495A2248D0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "9B678D96-5987-4423-A713-57812B896380" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "A16EA6BD-003D-416E-B6C7-EBE5AA4AC2B5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "7A016627-9BF2-4D25-AB97-172EAEC4C187" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "333FBE01-E5C1-4668-B50F-B64A34E799A8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "FE7C4821-74F2-442C-B51F-A52788FC61F4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "168E2F68-E3EA-407F-8DCE-BDB1F557FFFA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "D7A74CB5-CC6E-4166-B884-498F2CF1A33E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "42DCB139-5BBE-45F3-80F5-3A43D95A58BB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "1A3E3E6C-DCC0-466D-A505-5F80379CF0AB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "1542CDC8-9697-44DE-8F6A-3EB25D07EEE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "1A5B33FF-EA21-4AEB-8D9A-21DA9DB5892A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "78616E5A-E1FF-40AA-8E13-0B2E84CE6F8F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "5D956394-C3F3-4C88-A791-364AE555D522" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p28:*:*:*:*:*:*", + "matchCriteriaId": "25E96088-0FA2-49FD-B93D-5AFC9605289E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p29:*:*:*:*:*:*", + "matchCriteriaId": "EDB60B12-F724-40C7-8EB2-1270484E88F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "1982ED3B-A0FA-476A-BFB2-5B7B53289496" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p30:*:*:*:*:*:*", + "matchCriteriaId": "F646D243-433E-46F9-9E8E-E4F734F9E648" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p31:*:*:*:*:*:*", + "matchCriteriaId": "D1C14080-79C9-4620-AD1F-6CB46F0F74D0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p32:*:*:*:*:*:*", + "matchCriteriaId": "4AECE1FE-F3D1-4FF0-BDF9-F39FFCBF52E0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p33:*:*:*:*:*:*", + "matchCriteriaId": "C2F79F99-5F46-48A7-BEE7-1551CD56C2F7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p34:*:*:*:*:*:*", + "matchCriteriaId": "2EB6F9D4-13D2-4218-96EF-64C2126369DC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p35:*:*:*:*:*:*", + "matchCriteriaId": "62841559-BDA0-4B67-932A-007D91BFBD14" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p36:*:*:*:*:*:*", + "matchCriteriaId": "F6F22F4E-4A8A-4A7B-A01A-50E9BEA019DA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p37:*:*:*:*:*:*", + "matchCriteriaId": "C1467012-F4CD-4547-A761-50B5F478A055" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p38:*:*:*:*:*:*", + "matchCriteriaId": "200EE0FA-D641-4612-8048-3B00997CBB42" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "AA60BF44-AF52-458A-BD3F-9FD5D8408575" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "9BFE55DC-89EA-404F-8DDF-93E351366789" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "C62D8997-DD3B-4B83-B6A5-DFC2408A9164" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "80B4A77F-F636-49BB-8CB6-60064984463F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "356E5744-AB8E-4FBA-992F-74ED8F9086CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "41FB6FFA-F38F-4754-A1E6-35073D84069E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:-:*:*:*:*:*:*", + "matchCriteriaId": "BC0AC5A2-3724-4942-ABE2-CA9F3B9B4BDA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "E3AAC1AD-C2F5-4171-BD92-95A8BA09E79A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "8CB8C4BB-4AE6-4EA2-8F38-780B627721ED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "D0F14106-2A3D-4FC7-A0C7-6EDA75D1A8F7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "F8C2DA36-8419-4846-BFA0-A729BE7D72C5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "8AA4FA3D-7A59-4597-9D79-B6B020D86BD1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "79F0CF88-FF11-4741-AFF6-9F88F57C2140" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "8E93629E-C0CB-4636-B343-1C0646D8228E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "58102464-E66F-49CD-8952-3F3F9A6A45CC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b9:*:*:*:*:*:*", + "matchCriteriaId": "9C98E509-8466-4F95-ABE7-7ECC91640E04" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "A7B89F71-ABD2-4B2D-AE6B-C0F243E89443" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "002EF417-C702-42E2-9C8F-C9593B43AB03" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "B8E358A9-0430-4EF1-8557-7F1C088FFF48" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "4B0AF395-FDC7-4321-9E00-C935641C138B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "59B9CCED-806F-47EF-B5B6-441AADCB4B81" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "FAED2CD5-A2CE-438C-8ED7-338D9D61FBD9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "F08A96EF-FD2E-4D45-884B-349869649C3D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "E80D718E-66B6-4FC6-911D-C264F2C891C9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "174BF76A-00C5-4ECD-937D-FE66851D3979" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "F43DBAE4-FEF9-431E-AE82-31C7944CA830" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "7AF612FF-7441-41C4-96C2-36A15E45FF93" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "960DF373-EDE6-4318-B6E9-07573ED5907A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "5FFBF793-48E0-48DB-9C12-1C4A5805009E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "B6A2F0DB-CA73-4F14-8099-7A29BADC1F4E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "5D23ECB8-9C2C-4BA5-ADD6-248FD2CFF37A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "9958D126-EF50-4ED7-85A3-6E5120EFB931" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "5D9B3F5F-158A-4C43-A894-1A55D1D758FC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "17729C6D-3DD1-4082-B3AF-B53770304F7B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "2E34014C-90A0-4ABB-A15F-73E83F312246" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "C0DCB95E-CC14-40BF-A7E4-1CD9075E2785" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p28:*:*:*:*:*:*", + "matchCriteriaId": "E1AA25FE-FA1B-4525-99B8-1098E75BDC5C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p29:*:*:*:*:*:*", + "matchCriteriaId": "073ED1BF-B3FE-4CC4-A279-15981DBC0BE8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "3144AABF-74CB-44EE-A618-8529A8ACFCF6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p30:*:*:*:*:*:*", + "matchCriteriaId": "BA067A60-3B6A-4C3B-8934-E2725199EE39" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p31:*:*:*:*:*:*", + "matchCriteriaId": "DD42912A-092C-4FD9-9874-5B04989164C0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p32:*:*:*:*:*:*", + "matchCriteriaId": "E26E5640-8396-4B9C-890F-E9598CEB08FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p33:*:*:*:*:*:*", + "matchCriteriaId": "82CBA4CB-FCEE-4D33-8127-944D914A8F5C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p34:*:*:*:*:*:*", + "matchCriteriaId": "DE6414DD-DA34-4FE7-B976-A6898B454E60" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p35:*:*:*:*:*:*", + "matchCriteriaId": "0CB08010-2416-469D-8B27-212F28BF62EB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p36:*:*:*:*:*:*", + "matchCriteriaId": "8F66346B-4A8A-4323-B197-B5D4D949FCEE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p37:*:*:*:*:*:*", + "matchCriteriaId": "28117164-A991-4E38-825D-88D7B16EC3CB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "88AC7AB0-40DF-44D1-83EA-FDD4D5346BBD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "4285A4A3-3DED-456D-93D4-1B9FDB42C1EB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "098FD286-B6CB-4428-9A62-A5F24B4D9E92" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "8400088B-E56E-4D0B-86D5-76D884C8031A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "29554684-FEFF-42B2-B62E-6523782F537C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "91AE66E4-AE6B-4F25-9312-6418FC3E221F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:-:*:*:*:*:*:*", + "matchCriteriaId": "8EC2C076-C4C6-4C9A-84FE-B47E835AA0E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "A954DDB4-ACF5-4D74-B735-0BB14762457C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "F4E9D8E0-ECFF-4987-8189-F6A5917D39B6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "7CDF16A7-E9BC-488B-A0DF-91B7F79C2D7A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "EF3C4AB5-966A-46CD-8774-7BD4115FC80B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "580C70A7-387E-4650-9DBA-D7AA0BFDB1BE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "343C5CD6-48ED-4693-BC2A-549A43F02931" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "18F1E6EC-5866-4338-9772-92EB01E0A184" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "57C08697-674F-4924-A5A2-40F1E2BF2059" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:i1:*:*:*:*:*:*", + "matchCriteriaId": "AB444D23-88E8-4AFE-9F1E-56AE4ADF7644" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "050E9020-9E83-4198-B550-F554686DCC36" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "5D3DFD03-89BF-433F-B14C-8B46AD5146F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "50D06254-A368-4DE1-8734-1DC49002FBB1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "489B86C6-FDD3-4569-B330-86CF51B533B0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "50456E0E-0597-4E90-9BFC-1384800ED073" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "0A7E61FE-E2B2-434F-8DFB-BF6AB78B8DE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "D5FDDC0D-52AA-419C-84CF-48B608B976E3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "DC948630-1F71-4441-B842-29974C2D4C1B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "05518D94-0376-4B0C-AE53-74C54DBD6A10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "E9F4C18C-D62E-47F5-A309-D0BC9CFB990C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "DAFBA752-75C7-4514-AC75-CE7D78AE9F96" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "57BA8394-7755-45E0-8B4D-B37A8A5B5DB8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "D6A02DB9-71F6-429F-A084-D811AD016CBA" + } + ] + } + ] + } + ], "references": [ { "url": "https://checkmk.com/werk/16227", - "source": "security@checkmk.com" + "source": "security@checkmk.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32337.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32337.json new file mode 100644 index 00000000000..ad45d9699c9 --- /dev/null +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32337.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-32337", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2024-01-19T02:15:07.537", + "lastModified": "2024-01-19T02:15:07.537", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "IBM Maximo Spatial Asset Management 8.10 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 255288." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "references": [ + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/255288", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/7107712", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-350xx/CVE-2023-35020.json b/CVE-2023/CVE-2023-350xx/CVE-2023-35020.json new file mode 100644 index 00000000000..0a34c11a09b --- /dev/null +++ b/CVE-2023/CVE-2023-350xx/CVE-2023-35020.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-35020", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2024-01-19T01:15:08.347", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "IBM Sterling Control Center 6.3.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 257874." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/257874", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/7107788", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-350xx/CVE-2023-35082.json b/CVE-2023/CVE-2023-350xx/CVE-2023-35082.json index 28c3ee0a3db..34f8bfe6cb7 100644 --- a/CVE-2023/CVE-2023-350xx/CVE-2023-35082.json +++ b/CVE-2023/CVE-2023-350xx/CVE-2023-35082.json @@ -2,8 +2,12 @@ "id": "CVE-2023-35082", "sourceIdentifier": "support@hackerone.com", "published": "2023-08-15T16:15:11.633", - "lastModified": "2023-08-22T02:16:30.973", + "lastModified": "2024-01-19T02:00:01.863", "vulnStatus": "Analyzed", + "cisaExploitAdd": "2024-01-18", + "cisaActionDue": "2024-02-08", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Authentication Bypass Vulnerability", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-371xx/CVE-2023-37117.json b/CVE-2023/CVE-2023-371xx/CVE-2023-37117.json index 584d7203629..e8c8879cbcd 100644 --- a/CVE-2023/CVE-2023-371xx/CVE-2023-37117.json +++ b/CVE-2023/CVE-2023-371xx/CVE-2023-37117.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37117", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-12T07:15:12.077", - "lastModified": "2024-01-12T13:47:31.250", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-19T01:57:04.067", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,15 +14,76 @@ "value": "Se encontr\u00f3 una vulnerabilidad de use after free del mont\u00f3n en live555 versi\u00f3n 2023.05.10 mientras se manejaba el SETUP." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:live555:live555:2023.05.10:*:*:*:*:*:*:*", + "matchCriteriaId": "FD34412A-C903-4798-A9AF-8EE23BFBE493" + } + ] + } + ] + } + ], "references": [ { "url": "http://lists.live555.com/pipermail/live-devel/2023-June/022331.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Mailing List", + "Vendor Advisory" + ] }, { "url": "http://www.live555.com/liveMedia/public/changelog.txt", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-387xx/CVE-2023-38738.json b/CVE-2023/CVE-2023-387xx/CVE-2023-38738.json new file mode 100644 index 00000000000..249488413e7 --- /dev/null +++ b/CVE-2023/CVE-2023-387xx/CVE-2023-38738.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-38738", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2024-01-19T01:15:08.717", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nIBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in a OpenPages environment using Native authentication. If OpenPages is using Native authentication an attacker with access to the OpenPages database could through a series of specially crafted steps could exploit this weakness and gain unauthorized access to other OpenPages accounts. IBM X-Force ID: 262594.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-257" + } + ] + } + ], + "references": [ + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/262594", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/7107775", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40362.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40362.json index 3833ea4320e..97e89967fad 100644 --- a/CVE-2023/CVE-2023-403xx/CVE-2023-40362.json +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40362.json @@ -2,8 +2,8 @@ "id": "CVE-2023-40362", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-12T08:15:43.467", - "lastModified": "2024-01-12T13:47:31.250", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-19T02:09:45.820", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,15 +14,75 @@ "value": "Se descubri\u00f3 un problema en CentralSquare Click2Gov Building Permit antes de octubre de 2023. La falta de protecciones de control de acceso permite a atacantes remotos eliminar arbitrariamente a los contratistas de la cuenta de cualquier usuario cuando se conoce la identificaci\u00f3n del usuario y la informaci\u00f3n del contratista." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:centralsquare:click2gov_building_permit:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D740CF40-FBCC-4F42-B993-870E00917DA4" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/ally-petitt/CVE-2023-40362", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://www.classaction.org/news/centralsquare-hit-with-class-action-over-2017-2018-click2gov-data-breach", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Press/Media Coverage", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-406xx/CVE-2023-40683.json b/CVE-2023/CVE-2023-406xx/CVE-2023-40683.json new file mode 100644 index 00000000000..530f31865e4 --- /dev/null +++ b/CVE-2023/CVE-2023-406xx/CVE-2023-40683.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-40683", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2024-01-19T01:15:08.910", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions, caused by insufficient authorization checks. By authenticating as an OpenPages user and using non-public APIs, an attacker could exploit this vulnerability to bypass security and gain unauthorized administrative access to the application. IBM X-Force ID: 264005." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-264" + } + ] + } + ], + "references": [ + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/264005", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/7107774", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-438xx/CVE-2023-43815.json b/CVE-2023/CVE-2023-438xx/CVE-2023-43815.json index 4624ddb7f1a..ec59bd00aeb 100644 --- a/CVE-2023/CVE-2023-438xx/CVE-2023-43815.json +++ b/CVE-2023/CVE-2023-438xx/CVE-2023-43815.json @@ -2,8 +2,8 @@ "id": "CVE-2023-43815", "sourceIdentifier": "disclosures@exodusintel.com", "published": "2024-01-18T22:15:08.717", - "lastModified": "2024-01-18T22:15:08.717", - "vulnStatus": "Received", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-438xx/CVE-2023-43816.json b/CVE-2023/CVE-2023-438xx/CVE-2023-43816.json index 33c5ea6c948..9c9c6eaede4 100644 --- a/CVE-2023/CVE-2023-438xx/CVE-2023-43816.json +++ b/CVE-2023/CVE-2023-438xx/CVE-2023-43816.json @@ -2,8 +2,8 @@ "id": "CVE-2023-43816", "sourceIdentifier": "disclosures@exodusintel.com", "published": "2024-01-18T22:15:08.957", - "lastModified": "2024-01-18T22:15:08.957", - "vulnStatus": "Received", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-438xx/CVE-2023-43817.json b/CVE-2023/CVE-2023-438xx/CVE-2023-43817.json index adac64898e9..e9da92c1b6b 100644 --- a/CVE-2023/CVE-2023-438xx/CVE-2023-43817.json +++ b/CVE-2023/CVE-2023-438xx/CVE-2023-43817.json @@ -2,8 +2,8 @@ "id": "CVE-2023-43817", "sourceIdentifier": "disclosures@exodusintel.com", "published": "2024-01-18T22:15:09.183", - "lastModified": "2024-01-18T22:15:09.183", - "vulnStatus": "Received", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-438xx/CVE-2023-43818.json b/CVE-2023/CVE-2023-438xx/CVE-2023-43818.json index 138db06bbca..6ff8d7703a4 100644 --- a/CVE-2023/CVE-2023-438xx/CVE-2023-43818.json +++ b/CVE-2023/CVE-2023-438xx/CVE-2023-43818.json @@ -2,8 +2,8 @@ "id": "CVE-2023-43818", "sourceIdentifier": "disclosures@exodusintel.com", "published": "2024-01-18T22:15:09.383", - "lastModified": "2024-01-18T22:15:09.383", - "vulnStatus": "Received", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-438xx/CVE-2023-43819.json b/CVE-2023/CVE-2023-438xx/CVE-2023-43819.json index 9b12af77d51..4ba99515c34 100644 --- a/CVE-2023/CVE-2023-438xx/CVE-2023-43819.json +++ b/CVE-2023/CVE-2023-438xx/CVE-2023-43819.json @@ -2,8 +2,8 @@ "id": "CVE-2023-43819", "sourceIdentifier": "disclosures@exodusintel.com", "published": "2024-01-18T22:15:09.587", - "lastModified": "2024-01-18T22:15:09.587", - "vulnStatus": "Received", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-438xx/CVE-2023-43820.json b/CVE-2023/CVE-2023-438xx/CVE-2023-43820.json index 7a99f4a9a5e..b9ebb7d882e 100644 --- a/CVE-2023/CVE-2023-438xx/CVE-2023-43820.json +++ b/CVE-2023/CVE-2023-438xx/CVE-2023-43820.json @@ -2,8 +2,8 @@ "id": "CVE-2023-43820", "sourceIdentifier": "disclosures@exodusintel.com", "published": "2024-01-18T22:15:09.800", - "lastModified": "2024-01-18T22:15:09.800", - "vulnStatus": "Received", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-438xx/CVE-2023-43821.json b/CVE-2023/CVE-2023-438xx/CVE-2023-43821.json index b68148ec935..b649a568719 100644 --- a/CVE-2023/CVE-2023-438xx/CVE-2023-43821.json +++ b/CVE-2023/CVE-2023-438xx/CVE-2023-43821.json @@ -2,8 +2,8 @@ "id": "CVE-2023-43821", "sourceIdentifier": "disclosures@exodusintel.com", "published": "2024-01-18T22:15:10.017", - "lastModified": "2024-01-18T22:15:10.017", - "vulnStatus": "Received", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-438xx/CVE-2023-43822.json b/CVE-2023/CVE-2023-438xx/CVE-2023-43822.json index c2758210d6e..62412010624 100644 --- a/CVE-2023/CVE-2023-438xx/CVE-2023-43822.json +++ b/CVE-2023/CVE-2023-438xx/CVE-2023-43822.json @@ -2,8 +2,8 @@ "id": "CVE-2023-43822", "sourceIdentifier": "disclosures@exodusintel.com", "published": "2024-01-18T22:15:10.220", - "lastModified": "2024-01-18T22:15:10.220", - "vulnStatus": "Received", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-438xx/CVE-2023-43823.json b/CVE-2023/CVE-2023-438xx/CVE-2023-43823.json index b2318786f82..39eca11813b 100644 --- a/CVE-2023/CVE-2023-438xx/CVE-2023-43823.json +++ b/CVE-2023/CVE-2023-438xx/CVE-2023-43823.json @@ -2,8 +2,8 @@ "id": "CVE-2023-43823", "sourceIdentifier": "disclosures@exodusintel.com", "published": "2024-01-18T22:15:10.430", - "lastModified": "2024-01-18T22:15:10.430", - "vulnStatus": "Received", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-438xx/CVE-2023-43824.json b/CVE-2023/CVE-2023-438xx/CVE-2023-43824.json index f6286bd6309..bc523326fb1 100644 --- a/CVE-2023/CVE-2023-438xx/CVE-2023-43824.json +++ b/CVE-2023/CVE-2023-438xx/CVE-2023-43824.json @@ -2,8 +2,8 @@ "id": "CVE-2023-43824", "sourceIdentifier": "disclosures@exodusintel.com", "published": "2024-01-18T22:15:10.630", - "lastModified": "2024-01-18T22:15:10.630", - "vulnStatus": "Received", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-468xx/CVE-2023-46805.json b/CVE-2023/CVE-2023-468xx/CVE-2023-46805.json index f9403961ee3..0bdcb502860 100644 --- a/CVE-2023/CVE-2023-468xx/CVE-2023-46805.json +++ b/CVE-2023/CVE-2023-468xx/CVE-2023-46805.json @@ -2,16 +2,20 @@ "id": "CVE-2023-46805", "sourceIdentifier": "support@hackerone.com", "published": "2024-01-12T17:15:09.530", - "lastModified": "2024-01-13T02:00:00.970", + "lastModified": "2024-01-19T02:00:01.863", "vulnStatus": "Analyzed", "cisaExploitAdd": "2024-01-10", - "cisaActionDue": "2024-01-31", + "cisaActionDue": "2024-01-22", "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "Ivanti Connect Secure and Policy Secure Authentication Bypass Vulnerability", "descriptions": [ { "lang": "en", "value": "An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n en el componente web de Ivanti ICS 9.x, 22.x e Ivanti Policy Secure permite a un atacante remoto acceder a recursos restringidos omitiendo las comprobaciones de control." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-477xx/CVE-2023-47718.json b/CVE-2023/CVE-2023-477xx/CVE-2023-47718.json new file mode 100644 index 00000000000..489ec8e1fc3 --- /dev/null +++ b/CVE-2023/CVE-2023-477xx/CVE-2023-47718.json @@ -0,0 +1,63 @@ +{ + "id": "CVE-2023-47718", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2024-01-19T02:15:07.757", + "lastModified": "2024-01-19T02:15:07.757", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "IBM Maximo Asset Management 7.6.1.3 and Manage Component 8.10 through 8.11 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 271843." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/271843", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/7107738", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/7107740", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-492xx/CVE-2023-49255.json b/CVE-2023/CVE-2023-492xx/CVE-2023-49255.json index cff0749cbba..1b96d337657 100644 --- a/CVE-2023/CVE-2023-492xx/CVE-2023-49255.json +++ b/CVE-2023/CVE-2023-492xx/CVE-2023-49255.json @@ -2,16 +2,53 @@ "id": "CVE-2023-49255", "sourceIdentifier": "cvd@cert.pl", "published": "2024-01-12T15:15:09.083", - "lastModified": "2024-01-12T15:54:26.600", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-19T02:11:57.800", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The router console is accessible without authentication at \"data\" field, and while a user needs to be logged in in order to modify the configuration, the session state is shared. If any other user is currently logged in, the anonymous user can execute commands in the context of the authenticated one. If the logged in user has administrative privileges, it is possible to use webadmin service configuration commands to create a new admin user with a chosen password." + }, + { + "lang": "es", + "value": "Se puede acceder a la consola del enrutador sin autenticaci\u00f3n en el campo \"data\" y, si bien es necesario que un usuario inicie sesi\u00f3n para modificar la configuraci\u00f3n, el estado de la sesi\u00f3n se comparte. Si alg\u00fan otro usuario ha iniciado sesi\u00f3n actualmente, el usuario an\u00f3nimo puede ejecutar comandos en el contexto del autenticado. Si el usuario que inici\u00f3 sesi\u00f3n tiene privilegios administrativos, es posible utilizar los comandos de configuraci\u00f3n del servicio webadmin para crear un nuevo usuario administrador con una contrase\u00f1a elegida." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-306" + } + ] + }, { "source": "cvd@cert.pl", "type": "Secondary", @@ -23,14 +60,50 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hongdian:h8951-4g-esp_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2310271149", + "matchCriteriaId": "4391599E-AC50-4409-B8DE-D86CD4EACA35" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hongdian:h8951-4g-esp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3B44C0C6-3995-43DB-9B49-78110E5E7A43" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert.pl/en/posts/2024/01/CVE-2023-49253/", - "source": "cvd@cert.pl" + "source": "cvd@cert.pl", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://cert.pl/posts/2024/01/CVE-2023-49253/", - "source": "cvd@cert.pl" + "source": "cvd@cert.pl", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-492xx/CVE-2023-49262.json b/CVE-2023/CVE-2023-492xx/CVE-2023-49262.json index 5f74c4cab84..45a259879d7 100644 --- a/CVE-2023/CVE-2023-492xx/CVE-2023-49262.json +++ b/CVE-2023/CVE-2023-492xx/CVE-2023-49262.json @@ -2,16 +2,53 @@ "id": "CVE-2023-49262", "sourceIdentifier": "cvd@cert.pl", "published": "2024-01-12T15:15:09.593", - "lastModified": "2024-01-12T15:54:26.600", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-19T02:11:40.757", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The authentication mechanism can be bypassed by overflowing the value of the Cookie \"authentication\" field, provided there is an active user session." + }, + { + "lang": "es", + "value": "El mecanismo de autenticaci\u00f3n se puede omitir desbordando el valor del campo \"authentication\" de cookies, siempre que haya una sesi\u00f3n de usuario activa." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + }, { "source": "cvd@cert.pl", "type": "Secondary", @@ -23,14 +60,50 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hongdian:h8951-4g-esp_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2310271149", + "matchCriteriaId": "4391599E-AC50-4409-B8DE-D86CD4EACA35" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hongdian:h8951-4g-esp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3B44C0C6-3995-43DB-9B49-78110E5E7A43" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert.pl/en/posts/2024/01/CVE-2023-49253/", - "source": "cvd@cert.pl" + "source": "cvd@cert.pl", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://cert.pl/posts/2024/01/CVE-2023-49253/", - "source": "cvd@cert.pl" + "source": "cvd@cert.pl", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-506xx/CVE-2023-50614.json b/CVE-2023/CVE-2023-506xx/CVE-2023-50614.json index d299f1ad3c2..fce185dbf80 100644 --- a/CVE-2023/CVE-2023-506xx/CVE-2023-50614.json +++ b/CVE-2023/CVE-2023-506xx/CVE-2023-50614.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50614", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-18T22:15:10.843", - "lastModified": "2024-01-18T22:15:10.843", - "vulnStatus": "Received", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-509xx/CVE-2023-50919.json b/CVE-2023/CVE-2023-509xx/CVE-2023-50919.json index 1ff41595d88..b12adfb4b8e 100644 --- a/CVE-2023/CVE-2023-509xx/CVE-2023-50919.json +++ b/CVE-2023/CVE-2023-509xx/CVE-2023-50919.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50919", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-12T08:15:43.533", - "lastModified": "2024-01-12T13:47:31.250", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-19T02:10:22.870", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,437 @@ "value": "Se descubri\u00f3 un problema en dispositivos GL.iNet anteriores a la versi\u00f3n 4.5.0. Existe una omisi\u00f3n de autenticaci\u00f3n NGINX mediante la coincidencia de patrones de cadenas Lua. Esto afecta a A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750 4.3.7, AR300M 4.3.7 y B1300 4.3.7." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-ax1800_firmware:4.3.7:*:*:*:*:*:*:*", + "matchCriteriaId": "9085B46F-0620-4126-9E6B-C729C49C23C4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-ax1800_firmware:4.4.6:*:*:*:*:*:*:*", + "matchCriteriaId": "CC12DFE3-F634-4737-AEF7-82685634F65E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-ax1800:-:*:*:*:*:*:*:*", + "matchCriteriaId": "459CA3AD-7D9A-4E72-8847-9F989232CDCD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-axt1800_firmware:4.3.7:*:*:*:*:*:*:*", + "matchCriteriaId": "C3C99D06-8CF3-4F1F-9729-DDD871CD28D8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-axt1800_firmware:4.4.6:*:*:*:*:*:*:*", + "matchCriteriaId": "2321AEF1-B475-439F-A936-581337CB5181" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-axt1800:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49448661-9D95-4218-B2FA-73610AA5523C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mt3000_firmware:4.3.7:*:*:*:*:*:*:*", + "matchCriteriaId": "0E4AFE9D-666C-4898-A27B-3AAC1A74908D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mt3000_firmware:4.4.6:*:*:*:*:*:*:*", + "matchCriteriaId": "12F39096-F3A6-4240-9CCF-3CEB44A549D4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-mt3000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4D832083-488B-40F2-8D7A-66E917DF67F9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mt2500_firmware:4.3.7:*:*:*:*:*:*:*", + "matchCriteriaId": "5BDCB33B-3A4D-4F62-A302-73C10852529B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mt2500_firmware:4.4.6:*:*:*:*:*:*:*", + "matchCriteriaId": "D78DCE77-BBC1-4702-89F3-A2064A82ED85" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-mt2500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "88C600EF-AF68-45F0-B9C0-7ECA0D33179C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mt6000_firmware:4.3.7:*:*:*:*:*:*:*", + "matchCriteriaId": "E0991507-2442-42D2-AFB2-79D91F631CC7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mt6000_firmware:4.4.6:*:*:*:*:*:*:*", + "matchCriteriaId": "BB2FAEE3-AF10-4D2A-9A5B-8F783613AC7F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-mt6000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0480E0BD-DAEE-42E7-A6EB-BC09889CC7B9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mt1300_firmware:4.3.7:*:*:*:*:*:*:*", + "matchCriteriaId": "D462B247-60E8-4044-B413-D145F342F8BA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mt1300_firmware:4.4.6:*:*:*:*:*:*:*", + "matchCriteriaId": "843FD80C-235B-4B28-9D98-8DDBFED335D4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-mt1300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "65A8D1C9-9EAE-4EDF-A1D4-D45E9EE65585" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mt300n-v2_firmware:4.3.7:*:*:*:*:*:*:*", + "matchCriteriaId": "7469E6FA-07DB-430D-BAD8-21AF64C55FBA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mt300n-v2_firmware:4.4.6:*:*:*:*:*:*:*", + "matchCriteriaId": "C6E6EF01-62DC-438B-B975-C3DF84DC6E52" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-mt300n-v2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EA4A042E-2C80-4EF9-93CA-D2756216BB0C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-ar750s_firmware:4.3.7:*:*:*:*:*:*:*", + "matchCriteriaId": "4037EFB4-EA0A-4C89-800A-2990AA8BC185" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-ar750s_firmware:4.4.6:*:*:*:*:*:*:*", + "matchCriteriaId": "F760479D-D8E7-4AC2-8083-AAE870225CE7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-ar750s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8C939D70-5353-43B7-AEF9-8F1D784DD4EF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-ar750_firmware:4.3.7:*:*:*:*:*:*:*", + "matchCriteriaId": "ACAAD071-0070-48B9-9797-26B1D5CAC962" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-ar750_firmware:4.4.6:*:*:*:*:*:*:*", + "matchCriteriaId": "C03FF3D4-BC96-42DB-8EC6-466A1C02B534" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-ar750:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6FE176E8-8CB1-429B-9B3B-E1F58EC0C8F5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-ar300m_firmware:4.3.7:*:*:*:*:*:*:*", + "matchCriteriaId": "E267A0D1-8D9B-43A9-88F0-3CA961403FBC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-ar300m_firmware:4.4.6:*:*:*:*:*:*:*", + "matchCriteriaId": "551632B5-BBAC-4A4D-96BD-8D49EF3A5EFB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-ar300m:-:*:*:*:*:*:*:*", + "matchCriteriaId": "10C965DA-2D49-4ED6-B028-3A23164EDC14" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-b1300_firmware:4.3.7:*:*:*:*:*:*:*", + "matchCriteriaId": "9E6AF4D2-8BD0-4536-82AA-A9A06441DB59" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-b1300_firmware:4.4.6:*:*:*:*:*:*:*", + "matchCriteriaId": "AFBE858E-8D41-4221-8520-25BA35EFE8D3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-b1300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "10D84ECB-35CB-42B0-B925-8B631C235CC2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-a1300_firmware:4.3.7:*:*:*:*:*:*:*", + "matchCriteriaId": "1D582CF8-55A2-4261-84A3-DB5677C569D2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-a1300_firmware:4.4.6:*:*:*:*:*:*:*", + "matchCriteriaId": "789782AD-CCC9-403C-810A-F634B09EEB5B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-a1300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2365517B-F8AF-490D-9282-36679EB484D2" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Authentication-bypass.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-509xx/CVE-2023-50920.json b/CVE-2023/CVE-2023-509xx/CVE-2023-50920.json index 5f159b683f4..41e79195e90 100644 --- a/CVE-2023/CVE-2023-509xx/CVE-2023-50920.json +++ b/CVE-2023/CVE-2023-509xx/CVE-2023-50920.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50920", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-12T08:15:43.590", - "lastModified": "2024-01-12T13:47:31.250", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-19T02:11:15.010", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,437 @@ "value": "Se descubri\u00f3 un problema en dispositivos GL.iNet anteriores a la versi\u00f3n 4.5.0. Asignan el mismo ID de sesi\u00f3n despu\u00e9s de reiniciar cada usuario, lo que permite a los atacantes compartir identificadores de sesi\u00f3n entre diferentes sesiones y omitir las medidas de autenticaci\u00f3n o control de acceso. Los atacantes pueden hacerse pasar por usuarios leg\u00edtimos o realizar acciones no autorizadas. Esto afecta a A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750 4.3.7, AR300M 4.3.7 y B1300 4.3.7." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-384" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-ax1800_firmware:4.3.7:*:*:*:*:*:*:*", + "matchCriteriaId": "9085B46F-0620-4126-9E6B-C729C49C23C4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-ax1800_firmware:4.4.6:*:*:*:*:*:*:*", + "matchCriteriaId": "CC12DFE3-F634-4737-AEF7-82685634F65E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-ax1800:-:*:*:*:*:*:*:*", + "matchCriteriaId": "459CA3AD-7D9A-4E72-8847-9F989232CDCD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-axt1800_firmware:4.3.7:*:*:*:*:*:*:*", + "matchCriteriaId": "C3C99D06-8CF3-4F1F-9729-DDD871CD28D8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-axt1800_firmware:4.4.6:*:*:*:*:*:*:*", + "matchCriteriaId": "2321AEF1-B475-439F-A936-581337CB5181" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-axt1800:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49448661-9D95-4218-B2FA-73610AA5523C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mt3000_firmware:4.3.7:*:*:*:*:*:*:*", + "matchCriteriaId": "0E4AFE9D-666C-4898-A27B-3AAC1A74908D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mt3000_firmware:4.4.6:*:*:*:*:*:*:*", + "matchCriteriaId": "12F39096-F3A6-4240-9CCF-3CEB44A549D4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-mt3000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4D832083-488B-40F2-8D7A-66E917DF67F9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mt2500_firmware:4.3.7:*:*:*:*:*:*:*", + "matchCriteriaId": "5BDCB33B-3A4D-4F62-A302-73C10852529B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mt2500_firmware:4.4.6:*:*:*:*:*:*:*", + "matchCriteriaId": "D78DCE77-BBC1-4702-89F3-A2064A82ED85" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-mt2500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "88C600EF-AF68-45F0-B9C0-7ECA0D33179C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mt6000_firmware:4.3.7:*:*:*:*:*:*:*", + "matchCriteriaId": "E0991507-2442-42D2-AFB2-79D91F631CC7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mt6000_firmware:4.4.6:*:*:*:*:*:*:*", + "matchCriteriaId": "BB2FAEE3-AF10-4D2A-9A5B-8F783613AC7F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-mt6000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0480E0BD-DAEE-42E7-A6EB-BC09889CC7B9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mt1300_firmware:4.3.7:*:*:*:*:*:*:*", + "matchCriteriaId": "D462B247-60E8-4044-B413-D145F342F8BA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mt1300_firmware:4.4.6:*:*:*:*:*:*:*", + "matchCriteriaId": "843FD80C-235B-4B28-9D98-8DDBFED335D4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-mt1300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "65A8D1C9-9EAE-4EDF-A1D4-D45E9EE65585" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mt300n-v2_firmware:4.3.7:*:*:*:*:*:*:*", + "matchCriteriaId": "7469E6FA-07DB-430D-BAD8-21AF64C55FBA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mt300n-v2_firmware:4.4.6:*:*:*:*:*:*:*", + "matchCriteriaId": "C6E6EF01-62DC-438B-B975-C3DF84DC6E52" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-mt300n-v2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EA4A042E-2C80-4EF9-93CA-D2756216BB0C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-ar750s_firmware:4.3.7:*:*:*:*:*:*:*", + "matchCriteriaId": "4037EFB4-EA0A-4C89-800A-2990AA8BC185" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-ar750s_firmware:4.4.6:*:*:*:*:*:*:*", + "matchCriteriaId": "F760479D-D8E7-4AC2-8083-AAE870225CE7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-ar750s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8C939D70-5353-43B7-AEF9-8F1D784DD4EF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-ar750_firmware:4.3.7:*:*:*:*:*:*:*", + "matchCriteriaId": "ACAAD071-0070-48B9-9797-26B1D5CAC962" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-ar750_firmware:4.4.6:*:*:*:*:*:*:*", + "matchCriteriaId": "C03FF3D4-BC96-42DB-8EC6-466A1C02B534" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-ar750:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6FE176E8-8CB1-429B-9B3B-E1F58EC0C8F5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-ar300m_firmware:4.3.7:*:*:*:*:*:*:*", + "matchCriteriaId": "E267A0D1-8D9B-43A9-88F0-3CA961403FBC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-ar300m_firmware:4.4.6:*:*:*:*:*:*:*", + "matchCriteriaId": "551632B5-BBAC-4A4D-96BD-8D49EF3A5EFB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-ar300m:-:*:*:*:*:*:*:*", + "matchCriteriaId": "10C965DA-2D49-4ED6-B028-3A23164EDC14" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-b1300_firmware:4.3.7:*:*:*:*:*:*:*", + "matchCriteriaId": "9E6AF4D2-8BD0-4536-82AA-A9A06441DB59" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-b1300_firmware:4.4.6:*:*:*:*:*:*:*", + "matchCriteriaId": "AFBE858E-8D41-4221-8520-25BA35EFE8D3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-b1300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "10D84ECB-35CB-42B0-B925-8B631C235CC2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-a1300_firmware:4.3.7:*:*:*:*:*:*:*", + "matchCriteriaId": "1D582CF8-55A2-4261-84A3-DB5677C569D2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-a1300_firmware:4.4.6:*:*:*:*:*:*:*", + "matchCriteriaId": "789782AD-CCC9-403C-810A-F634B09EEB5B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-a1300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2365517B-F8AF-490D-9282-36679EB484D2" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Authentication-bypass-seesion-ID.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-509xx/CVE-2023-50963.json b/CVE-2023/CVE-2023-509xx/CVE-2023-50963.json new file mode 100644 index 00000000000..8fb4a4e826f --- /dev/null +++ b/CVE-2023/CVE-2023-509xx/CVE-2023-50963.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-50963", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2024-01-19T02:15:07.970", + "lastModified": "2024-01-19T02:15:07.970", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "IBM Storage Defender - Data Protect 1.0.0 through 1.4.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 276101." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-601" + } + ] + } + ], + "references": [ + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/276101", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/7106918", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-512xx/CVE-2023-51217.json b/CVE-2023/CVE-2023-512xx/CVE-2023-51217.json index 2b7886e900f..ca54fc7597a 100644 --- a/CVE-2023/CVE-2023-512xx/CVE-2023-51217.json +++ b/CVE-2023/CVE-2023-512xx/CVE-2023-51217.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51217", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-18T21:15:08.243", - "lastModified": "2024-01-18T21:15:08.243", - "vulnStatus": "Received", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-512xx/CVE-2023-51258.json b/CVE-2023/CVE-2023-512xx/CVE-2023-51258.json index 3eb288232cf..9a37888440e 100644 --- a/CVE-2023/CVE-2023-512xx/CVE-2023-51258.json +++ b/CVE-2023/CVE-2023-512xx/CVE-2023-51258.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51258", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-18T21:15:08.293", - "lastModified": "2024-01-18T21:15:08.293", - "vulnStatus": "Received", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-51xx/CVE-2023-5130.json b/CVE-2023/CVE-2023-51xx/CVE-2023-5130.json index 73cc4320ef5..82b93067b7e 100644 --- a/CVE-2023/CVE-2023-51xx/CVE-2023-5130.json +++ b/CVE-2023/CVE-2023-51xx/CVE-2023-5130.json @@ -2,8 +2,8 @@ "id": "CVE-2023-5130", "sourceIdentifier": "disclosures@exodusintel.com", "published": "2024-01-18T22:15:10.890", - "lastModified": "2024-01-18T22:15:10.890", - "vulnStatus": "Received", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-51xx/CVE-2023-5131.json b/CVE-2023/CVE-2023-51xx/CVE-2023-5131.json index f7d9af4a1b6..57069569653 100644 --- a/CVE-2023/CVE-2023-51xx/CVE-2023-5131.json +++ b/CVE-2023/CVE-2023-51xx/CVE-2023-5131.json @@ -2,8 +2,8 @@ "id": "CVE-2023-5131", "sourceIdentifier": "disclosures@exodusintel.com", "published": "2024-01-18T22:15:11.100", - "lastModified": "2024-01-18T22:15:11.100", - "vulnStatus": "Received", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-65xx/CVE-2023-6548.json b/CVE-2023/CVE-2023-65xx/CVE-2023-6548.json index 72bcca9cd5d..f9961cae6ad 100644 --- a/CVE-2023/CVE-2023-65xx/CVE-2023-6548.json +++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6548.json @@ -2,8 +2,12 @@ "id": "CVE-2023-6548", "sourceIdentifier": "secure@citrix.com", "published": "2024-01-17T20:15:50.627", - "lastModified": "2024-01-18T13:42:11.613", + "lastModified": "2024-01-19T02:00:01.863", "vulnStatus": "Awaiting Analysis", + "cisaExploitAdd": "2024-01-17", + "cisaActionDue": "2024-01-24", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-65xx/CVE-2023-6549.json b/CVE-2023/CVE-2023-65xx/CVE-2023-6549.json index a189597a1b5..b3030488dd7 100644 --- a/CVE-2023/CVE-2023-65xx/CVE-2023-6549.json +++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6549.json @@ -2,8 +2,12 @@ "id": "CVE-2023-6549", "sourceIdentifier": "secure@citrix.com", "published": "2024-01-17T21:15:11.690", - "lastModified": "2024-01-18T13:42:11.613", + "lastModified": "2024-01-19T02:00:01.863", "vulnStatus": "Awaiting Analysis", + "cisaExploitAdd": "2024-01-17", + "cisaActionDue": "2024-02-07", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-67xx/CVE-2023-6735.json b/CVE-2023/CVE-2023-67xx/CVE-2023-6735.json index 2bde5c0f68c..b431da0b40c 100644 --- a/CVE-2023/CVE-2023-67xx/CVE-2023-6735.json +++ b/CVE-2023/CVE-2023-67xx/CVE-2023-6735.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6735", "sourceIdentifier": "security@checkmk.com", "published": "2024-01-12T08:15:43.650", - "lastModified": "2024-01-12T14:15:49.100", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-19T02:12:18.367", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "security@checkmk.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] + }, { "source": "security@checkmk.com", "type": "Secondary", @@ -50,10 +80,617 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.0.0", + "matchCriteriaId": "8AF09C00-1AEF-4502-8C7B-3B68F2C35D34" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "7AE78B5E-2D00-462B-AC0E-5E68BC36ED1B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "9D69AA9A-C6FF-4A9F-8B02-2F207C4150FD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "452F359B-BCB5-46E0-A77A-383C3C2E2D60" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "D9A66C28-A2BA-4091-AB4C-05CDB1D3777F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "463A4A68-810B-4C20-A696-4F94DB20224B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "F4459581-214F-423B-A29D-31C789FD7F1C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "CC0CFABC-A53C-4FD3-A57A-CB72C87A034B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "F96B08FA-8129-4880-86FE-47B08C2B6964" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:i1:*:*:*:*:*:*", + "matchCriteriaId": "CAEB960C-5A5E-4F7C-8588-3F6737AE5DCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "3CB134CD-0746-47C8-BAB8-2AE9C083C4D2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "E4B5DDAA-F7B5-4BFD-836E-F7DA0FC7B0C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "A4DA5440-F376-4952-ABCB-AC557C5944A9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "DB7DB93B-CDD2-4662-893B-6E36F9EDA7FF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "81DFD64A-FEFD-4EBA-B6EC-28D3F0EEC33B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "918ACC6A-2EE8-401F-B18A-94B8757B202E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "1B6AE143-5A29-4EE8-AF7D-5D495A2248D0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "9B678D96-5987-4423-A713-57812B896380" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "A16EA6BD-003D-416E-B6C7-EBE5AA4AC2B5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "7A016627-9BF2-4D25-AB97-172EAEC4C187" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "333FBE01-E5C1-4668-B50F-B64A34E799A8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "FE7C4821-74F2-442C-B51F-A52788FC61F4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "168E2F68-E3EA-407F-8DCE-BDB1F557FFFA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "D7A74CB5-CC6E-4166-B884-498F2CF1A33E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "42DCB139-5BBE-45F3-80F5-3A43D95A58BB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "1A3E3E6C-DCC0-466D-A505-5F80379CF0AB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "1542CDC8-9697-44DE-8F6A-3EB25D07EEE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "1A5B33FF-EA21-4AEB-8D9A-21DA9DB5892A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "78616E5A-E1FF-40AA-8E13-0B2E84CE6F8F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "5D956394-C3F3-4C88-A791-364AE555D522" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p28:*:*:*:*:*:*", + "matchCriteriaId": "25E96088-0FA2-49FD-B93D-5AFC9605289E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p29:*:*:*:*:*:*", + "matchCriteriaId": "EDB60B12-F724-40C7-8EB2-1270484E88F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "1982ED3B-A0FA-476A-BFB2-5B7B53289496" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p30:*:*:*:*:*:*", + "matchCriteriaId": "F646D243-433E-46F9-9E8E-E4F734F9E648" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p31:*:*:*:*:*:*", + "matchCriteriaId": "D1C14080-79C9-4620-AD1F-6CB46F0F74D0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p32:*:*:*:*:*:*", + "matchCriteriaId": "4AECE1FE-F3D1-4FF0-BDF9-F39FFCBF52E0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p33:*:*:*:*:*:*", + "matchCriteriaId": "C2F79F99-5F46-48A7-BEE7-1551CD56C2F7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p34:*:*:*:*:*:*", + "matchCriteriaId": "2EB6F9D4-13D2-4218-96EF-64C2126369DC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p35:*:*:*:*:*:*", + "matchCriteriaId": "62841559-BDA0-4B67-932A-007D91BFBD14" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p36:*:*:*:*:*:*", + "matchCriteriaId": "F6F22F4E-4A8A-4A7B-A01A-50E9BEA019DA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p37:*:*:*:*:*:*", + "matchCriteriaId": "C1467012-F4CD-4547-A761-50B5F478A055" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p38:*:*:*:*:*:*", + "matchCriteriaId": "200EE0FA-D641-4612-8048-3B00997CBB42" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "AA60BF44-AF52-458A-BD3F-9FD5D8408575" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "9BFE55DC-89EA-404F-8DDF-93E351366789" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "C62D8997-DD3B-4B83-B6A5-DFC2408A9164" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "80B4A77F-F636-49BB-8CB6-60064984463F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "356E5744-AB8E-4FBA-992F-74ED8F9086CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "41FB6FFA-F38F-4754-A1E6-35073D84069E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:-:*:*:*:*:*:*", + "matchCriteriaId": "BC0AC5A2-3724-4942-ABE2-CA9F3B9B4BDA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "E3AAC1AD-C2F5-4171-BD92-95A8BA09E79A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "8CB8C4BB-4AE6-4EA2-8F38-780B627721ED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "D0F14106-2A3D-4FC7-A0C7-6EDA75D1A8F7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "F8C2DA36-8419-4846-BFA0-A729BE7D72C5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "8AA4FA3D-7A59-4597-9D79-B6B020D86BD1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "79F0CF88-FF11-4741-AFF6-9F88F57C2140" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "8E93629E-C0CB-4636-B343-1C0646D8228E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "58102464-E66F-49CD-8952-3F3F9A6A45CC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b9:*:*:*:*:*:*", + "matchCriteriaId": "9C98E509-8466-4F95-ABE7-7ECC91640E04" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "A7B89F71-ABD2-4B2D-AE6B-C0F243E89443" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "002EF417-C702-42E2-9C8F-C9593B43AB03" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "B8E358A9-0430-4EF1-8557-7F1C088FFF48" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "4B0AF395-FDC7-4321-9E00-C935641C138B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "59B9CCED-806F-47EF-B5B6-441AADCB4B81" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "FAED2CD5-A2CE-438C-8ED7-338D9D61FBD9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "F08A96EF-FD2E-4D45-884B-349869649C3D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "E80D718E-66B6-4FC6-911D-C264F2C891C9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "174BF76A-00C5-4ECD-937D-FE66851D3979" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "F43DBAE4-FEF9-431E-AE82-31C7944CA830" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "7AF612FF-7441-41C4-96C2-36A15E45FF93" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "960DF373-EDE6-4318-B6E9-07573ED5907A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "5FFBF793-48E0-48DB-9C12-1C4A5805009E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "B6A2F0DB-CA73-4F14-8099-7A29BADC1F4E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "5D23ECB8-9C2C-4BA5-ADD6-248FD2CFF37A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "9958D126-EF50-4ED7-85A3-6E5120EFB931" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "5D9B3F5F-158A-4C43-A894-1A55D1D758FC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "17729C6D-3DD1-4082-B3AF-B53770304F7B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "2E34014C-90A0-4ABB-A15F-73E83F312246" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "C0DCB95E-CC14-40BF-A7E4-1CD9075E2785" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p28:*:*:*:*:*:*", + "matchCriteriaId": "E1AA25FE-FA1B-4525-99B8-1098E75BDC5C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p29:*:*:*:*:*:*", + "matchCriteriaId": "073ED1BF-B3FE-4CC4-A279-15981DBC0BE8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "3144AABF-74CB-44EE-A618-8529A8ACFCF6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p30:*:*:*:*:*:*", + "matchCriteriaId": "BA067A60-3B6A-4C3B-8934-E2725199EE39" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p31:*:*:*:*:*:*", + "matchCriteriaId": "DD42912A-092C-4FD9-9874-5B04989164C0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p32:*:*:*:*:*:*", + "matchCriteriaId": "E26E5640-8396-4B9C-890F-E9598CEB08FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p33:*:*:*:*:*:*", + "matchCriteriaId": "82CBA4CB-FCEE-4D33-8127-944D914A8F5C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p34:*:*:*:*:*:*", + "matchCriteriaId": "DE6414DD-DA34-4FE7-B976-A6898B454E60" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p35:*:*:*:*:*:*", + "matchCriteriaId": "0CB08010-2416-469D-8B27-212F28BF62EB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p36:*:*:*:*:*:*", + "matchCriteriaId": "8F66346B-4A8A-4323-B197-B5D4D949FCEE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p37:*:*:*:*:*:*", + "matchCriteriaId": "28117164-A991-4E38-825D-88D7B16EC3CB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "88AC7AB0-40DF-44D1-83EA-FDD4D5346BBD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "4285A4A3-3DED-456D-93D4-1B9FDB42C1EB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "098FD286-B6CB-4428-9A62-A5F24B4D9E92" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "8400088B-E56E-4D0B-86D5-76D884C8031A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "29554684-FEFF-42B2-B62E-6523782F537C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "91AE66E4-AE6B-4F25-9312-6418FC3E221F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:-:*:*:*:*:*:*", + "matchCriteriaId": "8EC2C076-C4C6-4C9A-84FE-B47E835AA0E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "A954DDB4-ACF5-4D74-B735-0BB14762457C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "F4E9D8E0-ECFF-4987-8189-F6A5917D39B6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "7CDF16A7-E9BC-488B-A0DF-91B7F79C2D7A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "EF3C4AB5-966A-46CD-8774-7BD4115FC80B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "580C70A7-387E-4650-9DBA-D7AA0BFDB1BE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "343C5CD6-48ED-4693-BC2A-549A43F02931" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "18F1E6EC-5866-4338-9772-92EB01E0A184" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "57C08697-674F-4924-A5A2-40F1E2BF2059" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:i1:*:*:*:*:*:*", + "matchCriteriaId": "AB444D23-88E8-4AFE-9F1E-56AE4ADF7644" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "050E9020-9E83-4198-B550-F554686DCC36" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "5D3DFD03-89BF-433F-B14C-8B46AD5146F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "50D06254-A368-4DE1-8734-1DC49002FBB1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "489B86C6-FDD3-4569-B330-86CF51B533B0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "50456E0E-0597-4E90-9BFC-1384800ED073" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "0A7E61FE-E2B2-434F-8DFB-BF6AB78B8DE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "D5FDDC0D-52AA-419C-84CF-48B608B976E3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "DC948630-1F71-4441-B842-29974C2D4C1B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "05518D94-0376-4B0C-AE53-74C54DBD6A10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "E9F4C18C-D62E-47F5-A309-D0BC9CFB990C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "DAFBA752-75C7-4514-AC75-CE7D78AE9F96" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "57BA8394-7755-45E0-8B4D-B37A8A5B5DB8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "D6A02DB9-71F6-429F-A084-D811AD016CBA" + } + ] + } + ] + } + ], "references": [ { "url": "https://checkmk.com/werk/16273", - "source": "security@checkmk.com" + "source": "security@checkmk.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-67xx/CVE-2023-6740.json b/CVE-2023/CVE-2023-67xx/CVE-2023-6740.json index 115f3c2cebc..fc7a5a93c19 100644 --- a/CVE-2023/CVE-2023-67xx/CVE-2023-6740.json +++ b/CVE-2023/CVE-2023-67xx/CVE-2023-6740.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6740", "sourceIdentifier": "security@checkmk.com", "published": "2024-01-12T08:15:43.920", - "lastModified": "2024-01-12T14:15:49.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-19T02:12:08.587", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "security@checkmk.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] + }, { "source": "security@checkmk.com", "type": "Secondary", @@ -50,10 +80,617 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.0.0", + "matchCriteriaId": "8AF09C00-1AEF-4502-8C7B-3B68F2C35D34" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "7AE78B5E-2D00-462B-AC0E-5E68BC36ED1B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "9D69AA9A-C6FF-4A9F-8B02-2F207C4150FD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "452F359B-BCB5-46E0-A77A-383C3C2E2D60" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "D9A66C28-A2BA-4091-AB4C-05CDB1D3777F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "463A4A68-810B-4C20-A696-4F94DB20224B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "F4459581-214F-423B-A29D-31C789FD7F1C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "CC0CFABC-A53C-4FD3-A57A-CB72C87A034B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "F96B08FA-8129-4880-86FE-47B08C2B6964" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:i1:*:*:*:*:*:*", + "matchCriteriaId": "CAEB960C-5A5E-4F7C-8588-3F6737AE5DCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "3CB134CD-0746-47C8-BAB8-2AE9C083C4D2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "E4B5DDAA-F7B5-4BFD-836E-F7DA0FC7B0C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "A4DA5440-F376-4952-ABCB-AC557C5944A9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "DB7DB93B-CDD2-4662-893B-6E36F9EDA7FF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "81DFD64A-FEFD-4EBA-B6EC-28D3F0EEC33B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "918ACC6A-2EE8-401F-B18A-94B8757B202E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "1B6AE143-5A29-4EE8-AF7D-5D495A2248D0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "9B678D96-5987-4423-A713-57812B896380" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "A16EA6BD-003D-416E-B6C7-EBE5AA4AC2B5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "7A016627-9BF2-4D25-AB97-172EAEC4C187" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "333FBE01-E5C1-4668-B50F-B64A34E799A8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "FE7C4821-74F2-442C-B51F-A52788FC61F4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "168E2F68-E3EA-407F-8DCE-BDB1F557FFFA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "D7A74CB5-CC6E-4166-B884-498F2CF1A33E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "42DCB139-5BBE-45F3-80F5-3A43D95A58BB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "1A3E3E6C-DCC0-466D-A505-5F80379CF0AB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "1542CDC8-9697-44DE-8F6A-3EB25D07EEE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "1A5B33FF-EA21-4AEB-8D9A-21DA9DB5892A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "78616E5A-E1FF-40AA-8E13-0B2E84CE6F8F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "5D956394-C3F3-4C88-A791-364AE555D522" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p28:*:*:*:*:*:*", + "matchCriteriaId": "25E96088-0FA2-49FD-B93D-5AFC9605289E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p29:*:*:*:*:*:*", + "matchCriteriaId": "EDB60B12-F724-40C7-8EB2-1270484E88F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "1982ED3B-A0FA-476A-BFB2-5B7B53289496" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p30:*:*:*:*:*:*", + "matchCriteriaId": "F646D243-433E-46F9-9E8E-E4F734F9E648" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p31:*:*:*:*:*:*", + "matchCriteriaId": "D1C14080-79C9-4620-AD1F-6CB46F0F74D0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p32:*:*:*:*:*:*", + "matchCriteriaId": "4AECE1FE-F3D1-4FF0-BDF9-F39FFCBF52E0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p33:*:*:*:*:*:*", + "matchCriteriaId": "C2F79F99-5F46-48A7-BEE7-1551CD56C2F7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p34:*:*:*:*:*:*", + "matchCriteriaId": "2EB6F9D4-13D2-4218-96EF-64C2126369DC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p35:*:*:*:*:*:*", + "matchCriteriaId": "62841559-BDA0-4B67-932A-007D91BFBD14" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p36:*:*:*:*:*:*", + "matchCriteriaId": "F6F22F4E-4A8A-4A7B-A01A-50E9BEA019DA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p37:*:*:*:*:*:*", + "matchCriteriaId": "C1467012-F4CD-4547-A761-50B5F478A055" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p38:*:*:*:*:*:*", + "matchCriteriaId": "200EE0FA-D641-4612-8048-3B00997CBB42" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "AA60BF44-AF52-458A-BD3F-9FD5D8408575" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "9BFE55DC-89EA-404F-8DDF-93E351366789" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "C62D8997-DD3B-4B83-B6A5-DFC2408A9164" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "80B4A77F-F636-49BB-8CB6-60064984463F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "356E5744-AB8E-4FBA-992F-74ED8F9086CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "41FB6FFA-F38F-4754-A1E6-35073D84069E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:-:*:*:*:*:*:*", + "matchCriteriaId": "BC0AC5A2-3724-4942-ABE2-CA9F3B9B4BDA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "E3AAC1AD-C2F5-4171-BD92-95A8BA09E79A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "8CB8C4BB-4AE6-4EA2-8F38-780B627721ED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "D0F14106-2A3D-4FC7-A0C7-6EDA75D1A8F7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "F8C2DA36-8419-4846-BFA0-A729BE7D72C5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "8AA4FA3D-7A59-4597-9D79-B6B020D86BD1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "79F0CF88-FF11-4741-AFF6-9F88F57C2140" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "8E93629E-C0CB-4636-B343-1C0646D8228E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "58102464-E66F-49CD-8952-3F3F9A6A45CC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b9:*:*:*:*:*:*", + "matchCriteriaId": "9C98E509-8466-4F95-ABE7-7ECC91640E04" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "A7B89F71-ABD2-4B2D-AE6B-C0F243E89443" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "002EF417-C702-42E2-9C8F-C9593B43AB03" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "B8E358A9-0430-4EF1-8557-7F1C088FFF48" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "4B0AF395-FDC7-4321-9E00-C935641C138B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "59B9CCED-806F-47EF-B5B6-441AADCB4B81" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "FAED2CD5-A2CE-438C-8ED7-338D9D61FBD9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "F08A96EF-FD2E-4D45-884B-349869649C3D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "E80D718E-66B6-4FC6-911D-C264F2C891C9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "174BF76A-00C5-4ECD-937D-FE66851D3979" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "F43DBAE4-FEF9-431E-AE82-31C7944CA830" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "7AF612FF-7441-41C4-96C2-36A15E45FF93" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "960DF373-EDE6-4318-B6E9-07573ED5907A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "5FFBF793-48E0-48DB-9C12-1C4A5805009E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "B6A2F0DB-CA73-4F14-8099-7A29BADC1F4E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "5D23ECB8-9C2C-4BA5-ADD6-248FD2CFF37A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "9958D126-EF50-4ED7-85A3-6E5120EFB931" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "5D9B3F5F-158A-4C43-A894-1A55D1D758FC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "17729C6D-3DD1-4082-B3AF-B53770304F7B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "2E34014C-90A0-4ABB-A15F-73E83F312246" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "C0DCB95E-CC14-40BF-A7E4-1CD9075E2785" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p28:*:*:*:*:*:*", + "matchCriteriaId": "E1AA25FE-FA1B-4525-99B8-1098E75BDC5C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p29:*:*:*:*:*:*", + "matchCriteriaId": "073ED1BF-B3FE-4CC4-A279-15981DBC0BE8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "3144AABF-74CB-44EE-A618-8529A8ACFCF6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p30:*:*:*:*:*:*", + "matchCriteriaId": "BA067A60-3B6A-4C3B-8934-E2725199EE39" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p31:*:*:*:*:*:*", + "matchCriteriaId": "DD42912A-092C-4FD9-9874-5B04989164C0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p32:*:*:*:*:*:*", + "matchCriteriaId": "E26E5640-8396-4B9C-890F-E9598CEB08FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p33:*:*:*:*:*:*", + "matchCriteriaId": "82CBA4CB-FCEE-4D33-8127-944D914A8F5C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p34:*:*:*:*:*:*", + "matchCriteriaId": "DE6414DD-DA34-4FE7-B976-A6898B454E60" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p35:*:*:*:*:*:*", + "matchCriteriaId": "0CB08010-2416-469D-8B27-212F28BF62EB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p36:*:*:*:*:*:*", + "matchCriteriaId": "8F66346B-4A8A-4323-B197-B5D4D949FCEE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p37:*:*:*:*:*:*", + "matchCriteriaId": "28117164-A991-4E38-825D-88D7B16EC3CB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "88AC7AB0-40DF-44D1-83EA-FDD4D5346BBD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "4285A4A3-3DED-456D-93D4-1B9FDB42C1EB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "098FD286-B6CB-4428-9A62-A5F24B4D9E92" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "8400088B-E56E-4D0B-86D5-76D884C8031A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "29554684-FEFF-42B2-B62E-6523782F537C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "91AE66E4-AE6B-4F25-9312-6418FC3E221F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:-:*:*:*:*:*:*", + "matchCriteriaId": "8EC2C076-C4C6-4C9A-84FE-B47E835AA0E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "A954DDB4-ACF5-4D74-B735-0BB14762457C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "F4E9D8E0-ECFF-4987-8189-F6A5917D39B6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "7CDF16A7-E9BC-488B-A0DF-91B7F79C2D7A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "EF3C4AB5-966A-46CD-8774-7BD4115FC80B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "580C70A7-387E-4650-9DBA-D7AA0BFDB1BE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "343C5CD6-48ED-4693-BC2A-549A43F02931" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "18F1E6EC-5866-4338-9772-92EB01E0A184" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "57C08697-674F-4924-A5A2-40F1E2BF2059" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:i1:*:*:*:*:*:*", + "matchCriteriaId": "AB444D23-88E8-4AFE-9F1E-56AE4ADF7644" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "050E9020-9E83-4198-B550-F554686DCC36" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "5D3DFD03-89BF-433F-B14C-8B46AD5146F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "50D06254-A368-4DE1-8734-1DC49002FBB1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "489B86C6-FDD3-4569-B330-86CF51B533B0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "50456E0E-0597-4E90-9BFC-1384800ED073" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "0A7E61FE-E2B2-434F-8DFB-BF6AB78B8DE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "D5FDDC0D-52AA-419C-84CF-48B608B976E3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "DC948630-1F71-4441-B842-29974C2D4C1B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "05518D94-0376-4B0C-AE53-74C54DBD6A10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "E9F4C18C-D62E-47F5-A309-D0BC9CFB990C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "DAFBA752-75C7-4514-AC75-CE7D78AE9F96" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "57BA8394-7755-45E0-8B4D-B37A8A5B5DB8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "D6A02DB9-71F6-429F-A084-D811AD016CBA" + } + ] + } + ] + } + ], "references": [ { "url": "https://checkmk.com/werk/16163", - "source": "security@checkmk.com" + "source": "security@checkmk.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-05xx/CVE-2024-0503.json b/CVE-2024/CVE-2024-05xx/CVE-2024-0503.json index 3df2c36dd33..a834b518809 100644 --- a/CVE-2024/CVE-2024-05xx/CVE-2024-0503.json +++ b/CVE-2024/CVE-2024-05xx/CVE-2024-0503.json @@ -2,16 +2,40 @@ "id": "CVE-2024-0503", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-13T21:15:07.923", - "lastModified": "2024-01-14T21:42:17.123", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-19T01:56:50.973", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in code-projects Online FIR System 1.0. It has been classified as problematic. This affects an unknown part of the file registercomplaint.php. The manipulation of the argument Name/Address leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250611." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en code-projects Online FIR System 1.0. Ha sido clasificada como problem\u00e1tica. Esto afecta a una parte desconocida del archivo Registercomplaint.php. La manipulaci\u00f3n del argumento Name/Address conduce a cross site scripting. Es posible iniciar el ataque de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-250611." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,18 +95,47 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sherlock:online_fir_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "28E4C2C3-3C4D-4E5A-858E-4D32672CC615" + } + ] + } + ] + } + ], "references": [ { "url": "https://drive.google.com/file/d/1n9Zas-iSOfKVMN3UzPyVGgQgCmig2A5I/view?usp=sharing", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.250611", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.250611", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-05xx/CVE-2024-0519.json b/CVE-2024/CVE-2024-05xx/CVE-2024-0519.json index fa5bf316e86..50727876078 100644 --- a/CVE-2024/CVE-2024-05xx/CVE-2024-0519.json +++ b/CVE-2024/CVE-2024-05xx/CVE-2024-0519.json @@ -2,12 +2,20 @@ "id": "CVE-2024-0519", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2024-01-16T22:15:37.753", - "lastModified": "2024-01-16T23:12:38.473", + "lastModified": "2024-01-19T02:00:01.863", "vulnStatus": "Awaiting Analysis", + "cisaExploitAdd": "2024-01-17", + "cisaActionDue": "2024-02-07", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Google Chromium V8 Out-of-Bounds Memory Access Vulnerability", "descriptions": [ { "lang": "en", "value": "Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)" + }, + { + "lang": "es", + "value": "El acceso a memoria fuera de los l\u00edmites en V8 en Google Chrome anterior a 120.0.6099.224 permit\u00eda a un atacante remoto explotar potencialmente la corrupci\u00f3n del mont\u00f3n a trav\u00e9s de una p\u00e1gina HTML manipulada. (Severidad de seguridad de Chrome: alta)" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0693.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0693.json index 3af8e417a7e..db4f1b96d53 100644 --- a/CVE-2024/CVE-2024-06xx/CVE-2024-0693.json +++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0693.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0693", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-18T23:15:08.493", - "lastModified": "2024-01-18T23:15:08.493", - "vulnStatus": "Received", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0695.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0695.json index 0bfb76fb457..9c34ac21f56 100644 --- a/CVE-2024/CVE-2024-06xx/CVE-2024-0695.json +++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0695.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0695", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-18T23:15:08.720", - "lastModified": "2024-01-18T23:15:08.720", - "vulnStatus": "Received", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0696.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0696.json index 44afff0b0a6..5737f87b99d 100644 --- a/CVE-2024/CVE-2024-06xx/CVE-2024-0696.json +++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0696.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0696", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-18T23:15:08.940", - "lastModified": "2024-01-18T23:15:08.940", - "vulnStatus": "Received", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-218xx/CVE-2024-21887.json b/CVE-2024/CVE-2024-218xx/CVE-2024-21887.json index 90ce195de98..91b313e5e6d 100644 --- a/CVE-2024/CVE-2024-218xx/CVE-2024-21887.json +++ b/CVE-2024/CVE-2024-218xx/CVE-2024-21887.json @@ -2,16 +2,20 @@ "id": "CVE-2024-21887", "sourceIdentifier": "support@hackerone.com", "published": "2024-01-12T17:15:10.017", - "lastModified": "2024-01-13T02:00:00.970", + "lastModified": "2024-01-19T02:00:01.863", "vulnStatus": "Analyzed", "cisaExploitAdd": "2024-01-10", - "cisaActionDue": "2024-01-31", + "cisaActionDue": "2024-01-22", "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "Ivanti Connect Secure and Policy Secure Command Injection Vulnerability", "descriptions": [ { "lang": "en", "value": "A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de inyecci\u00f3n de comandos en componentes web de Ivanti Connect Secure (9.x, 22.x) e Ivanti Policy Secure (9.x, 22.x) permite a un administrador autenticado enviar solicitudes especialmente manipuladas y ejecutar comandos arbitrarios en el dispositivo." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-222xx/CVE-2024-22213.json b/CVE-2024/CVE-2024-222xx/CVE-2024-22213.json index a011d6a4d73..eda7fb312f6 100644 --- a/CVE-2024/CVE-2024-222xx/CVE-2024-22213.json +++ b/CVE-2024/CVE-2024-222xx/CVE-2024-22213.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22213", "sourceIdentifier": "security-advisories@github.com", "published": "2024-01-18T20:15:08.113", - "lastModified": "2024-01-18T20:15:08.113", - "vulnStatus": "Received", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-224xx/CVE-2024-22400.json b/CVE-2024/CVE-2024-224xx/CVE-2024-22400.json index 68f30bd3a86..4fcfc80e8b0 100644 --- a/CVE-2024/CVE-2024-224xx/CVE-2024-22400.json +++ b/CVE-2024/CVE-2024-224xx/CVE-2024-22400.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22400", "sourceIdentifier": "security-advisories@github.com", "published": "2024-01-18T20:15:08.360", - "lastModified": "2024-01-18T20:15:08.360", - "vulnStatus": "Received", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-224xx/CVE-2024-22401.json b/CVE-2024/CVE-2024-224xx/CVE-2024-22401.json index 6fc0ded03fb..b3715742e4d 100644 --- a/CVE-2024/CVE-2024-224xx/CVE-2024-22401.json +++ b/CVE-2024/CVE-2024-224xx/CVE-2024-22401.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22401", "sourceIdentifier": "security-advisories@github.com", "published": "2024-01-18T21:15:08.343", - "lastModified": "2024-01-18T21:15:08.343", - "vulnStatus": "Received", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-224xx/CVE-2024-22402.json b/CVE-2024/CVE-2024-224xx/CVE-2024-22402.json index 62295c22938..1bfe8ce55ed 100644 --- a/CVE-2024/CVE-2024-224xx/CVE-2024-22402.json +++ b/CVE-2024/CVE-2024-224xx/CVE-2024-22402.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22402", "sourceIdentifier": "security-advisories@github.com", "published": "2024-01-18T21:15:08.590", - "lastModified": "2024-01-18T21:15:08.590", - "vulnStatus": "Received", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-224xx/CVE-2024-22403.json b/CVE-2024/CVE-2024-224xx/CVE-2024-22403.json index 7cf79d16e38..8e6c06f16e1 100644 --- a/CVE-2024/CVE-2024-224xx/CVE-2024-22403.json +++ b/CVE-2024/CVE-2024-224xx/CVE-2024-22403.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22403", "sourceIdentifier": "security-advisories@github.com", "published": "2024-01-18T20:15:08.610", - "lastModified": "2024-01-18T20:15:08.610", - "vulnStatus": "Received", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-224xx/CVE-2024-22404.json b/CVE-2024/CVE-2024-224xx/CVE-2024-22404.json index b127683848f..4c6551918f4 100644 --- a/CVE-2024/CVE-2024-224xx/CVE-2024-22404.json +++ b/CVE-2024/CVE-2024-224xx/CVE-2024-22404.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22404", "sourceIdentifier": "security-advisories@github.com", "published": "2024-01-18T21:15:08.830", - "lastModified": "2024-01-18T21:15:08.830", - "vulnStatus": "Received", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-224xx/CVE-2024-22415.json b/CVE-2024/CVE-2024-224xx/CVE-2024-22415.json index 986491efff8..ab78a306dc8 100644 --- a/CVE-2024/CVE-2024-224xx/CVE-2024-22415.json +++ b/CVE-2024/CVE-2024-224xx/CVE-2024-22415.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22415", "sourceIdentifier": "security-advisories@github.com", "published": "2024-01-18T21:15:09.087", - "lastModified": "2024-01-18T21:15:09.087", - "vulnStatus": "Received", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-224xx/CVE-2024-22418.json b/CVE-2024/CVE-2024-224xx/CVE-2024-22418.json index f4b2e00b2a0..ff13f325b66 100644 --- a/CVE-2024/CVE-2024-224xx/CVE-2024-22418.json +++ b/CVE-2024/CVE-2024-224xx/CVE-2024-22418.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22418", "sourceIdentifier": "security-advisories@github.com", "published": "2024-01-18T21:15:09.323", - "lastModified": "2024-01-18T21:15:09.323", - "vulnStatus": "Received", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-224xx/CVE-2024-22422.json b/CVE-2024/CVE-2024-224xx/CVE-2024-22422.json new file mode 100644 index 00000000000..44998d7df22 --- /dev/null +++ b/CVE-2024/CVE-2024-224xx/CVE-2024-22422.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-22422", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-01-19T01:15:09.123", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "AnythingLLM is an application that turns any document, resource, or piece of content into context that any LLM can use as references during chatting. In versions prior to commit `08d33cfd8` an unauthenticated API route (file export) can allow attacker to crash the server resulting in a denial of service attack. The \u201cdata-export\u201d endpoint is used to export files using the filename parameter as user input. The endpoint takes the user input, filters it to avoid directory traversal attacks, fetches the file from the server, and afterwards deletes it. An attacker can trick the input filter mechanism to point to the current directory, and while attempting to delete it the server will crash as there is no error-handling wrapper around it. Moreover, the endpoint is public and does not require any form of authentication, resulting in an unauthenticated Denial of Service issue, which crashes the instance using a single HTTP packet. This issue has been addressed in commit `08d33cfd8`. Users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-754" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Mintplex-Labs/anything-llm/commit/08d33cfd8fc47c5052b6ea29597c964a9da641e2", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/Mintplex-Labs/anything-llm/security/advisories/GHSA-xmj6-g32r-fc5q", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-224xx/CVE-2024-22424.json b/CVE-2024/CVE-2024-224xx/CVE-2024-22424.json new file mode 100644 index 00000000000..0ccb309b17a --- /dev/null +++ b/CVE-2024/CVE-2024-224xx/CVE-2024-22424.json @@ -0,0 +1,63 @@ +{ + "id": "CVE-2024-22424", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-01-19T01:15:09.317", + "lastModified": "2024-01-19T01:51:14.027", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The Argo CD API prior to versions 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15 are vulnerable to a cross-server request forgery (CSRF) attack when the attacker has the ability to write HTML to a page on the same parent domain as Argo CD. A CSRF attack works by tricking an authenticated Argo CD user into loading a web page which contains code to call Argo CD API endpoints on the victim\u2019s behalf. For example, an attacker could send an Argo CD user a link to a page which looks harmless but in the background calls an Argo CD API endpoint to create an application running malicious code. Argo CD uses the \u201cLax\u201d SameSite cookie policy to prevent CSRF attacks where the attacker controls an external domain. The malicious external website can attempt to call the Argo CD API, but the web browser will refuse to send the Argo CD auth token with the request. Many companies host Argo CD on an internal subdomain. If an attacker can place malicious code on, for example, https://test.internal.example.com/, they can still perform a CSRF attack. In this case, the \u201cLax\u201d SameSite cookie does not prevent the browser from sending the auth cookie, because the destination is a parent domain of the Argo CD API. Browsers generally block such attacks by applying CORS policies to sensitive requests with sensitive content types. Specifically, browsers will send a \u201cpreflight request\u201d for POSTs with content type \u201capplication/json\u201d asking the destination API \u201care you allowed to accept requests from my domain?\u201d If the destination API does not answer \u201cyes,\u201d the browser will block the request. Before the patched versions, Argo CD did not validate that requests contained the correct content type header. So an attacker could bypass the browser\u2019s CORS check by setting the content type to something which is considered \u201cnot sensitive\u201d such as \u201ctext/plain.\u201d The browser wouldn\u2019t send the preflight request, and Argo CD would happily accept the contents (which are actually still JSON) and perform the requested action (such as running malicious code). A patch for this vulnerability has been released in the following Argo CD versions: 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15. The patch contains a breaking API change. The Argo CD API will no longer accept non-GET requests which do not specify application/json as their Content-Type. The accepted content types list is configurable, and it is possible (but discouraged) to disable the content type check completely. Users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/argoproj/argo-cd/issues/2496", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/argoproj/argo-cd/pull/16860", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-92mw-q256-5vwg", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index c3fadb0ed8c..2dc2b99eb8f 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-01-19T00:55:24.754098+00:00 +2024-01-19T03:00:24.915278+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-01-19T00:15:20.457000+00:00 +2024-01-19T02:15:07.970000+00:00 ``` ### Last Data Feed Release @@ -23,53 +23,58 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2024-01-18T01:00:28.234621+00:00 +2024-01-19T01:00:28.268681+00:00 ``` ### Total Number of included CVEs ```plain -236346 +236354 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `8` -* [CVE-2024-0693](CVE-2024/CVE-2024-06xx/CVE-2024-0693.json) (`2024-01-18T23:15:08.493`) -* [CVE-2024-0695](CVE-2024/CVE-2024-06xx/CVE-2024-0695.json) (`2024-01-18T23:15:08.720`) -* [CVE-2024-0696](CVE-2024/CVE-2024-06xx/CVE-2024-0696.json) (`2024-01-18T23:15:08.940`) +* [CVE-2023-35020](CVE-2023/CVE-2023-350xx/CVE-2023-35020.json) (`2024-01-19T01:15:08.347`) +* [CVE-2023-38738](CVE-2023/CVE-2023-387xx/CVE-2023-38738.json) (`2024-01-19T01:15:08.717`) +* [CVE-2023-40683](CVE-2023/CVE-2023-406xx/CVE-2023-40683.json) (`2024-01-19T01:15:08.910`) +* [CVE-2023-32337](CVE-2023/CVE-2023-323xx/CVE-2023-32337.json) (`2024-01-19T02:15:07.537`) +* [CVE-2023-47718](CVE-2023/CVE-2023-477xx/CVE-2023-47718.json) (`2024-01-19T02:15:07.757`) +* [CVE-2023-50963](CVE-2023/CVE-2023-509xx/CVE-2023-50963.json) (`2024-01-19T02:15:07.970`) +* [CVE-2024-22422](CVE-2024/CVE-2024-224xx/CVE-2024-22422.json) (`2024-01-19T01:15:09.123`) +* [CVE-2024-22424](CVE-2024/CVE-2024-224xx/CVE-2024-22424.json) (`2024-01-19T01:15:09.317`) ### CVEs modified in the last Commit -Recently modified CVEs: `121` +Recently modified CVEs: `42` -* [CVE-2020-1561](CVE-2020/CVE-2020-15xx/CVE-2020-1561.json) (`2024-01-19T00:15:18.337`) -* [CVE-2020-1562](CVE-2020/CVE-2020-15xx/CVE-2020-1562.json) (`2024-01-19T00:15:18.403`) -* [CVE-2020-1563](CVE-2020/CVE-2020-15xx/CVE-2020-1563.json) (`2024-01-19T00:15:18.480`) -* [CVE-2020-1564](CVE-2020/CVE-2020-15xx/CVE-2020-1564.json) (`2024-01-19T00:15:18.560`) -* [CVE-2020-1565](CVE-2020/CVE-2020-15xx/CVE-2020-1565.json) (`2024-01-19T00:15:18.637`) -* [CVE-2020-1566](CVE-2020/CVE-2020-15xx/CVE-2020-1566.json) (`2024-01-19T00:15:18.730`) -* [CVE-2020-1567](CVE-2020/CVE-2020-15xx/CVE-2020-1567.json) (`2024-01-19T00:15:18.873`) -* [CVE-2020-1568](CVE-2020/CVE-2020-15xx/CVE-2020-1568.json) (`2024-01-19T00:15:18.990`) -* [CVE-2020-1569](CVE-2020/CVE-2020-15xx/CVE-2020-1569.json) (`2024-01-19T00:15:19.090`) -* [CVE-2020-1570](CVE-2020/CVE-2020-15xx/CVE-2020-1570.json) (`2024-01-19T00:15:19.187`) -* [CVE-2020-1571](CVE-2020/CVE-2020-15xx/CVE-2020-1571.json) (`2024-01-19T00:15:19.257`) -* [CVE-2020-1573](CVE-2020/CVE-2020-15xx/CVE-2020-1573.json) (`2024-01-19T00:15:19.350`) -* [CVE-2020-1574](CVE-2020/CVE-2020-15xx/CVE-2020-1574.json) (`2024-01-19T00:15:19.437`) -* [CVE-2020-1577](CVE-2020/CVE-2020-15xx/CVE-2020-1577.json) (`2024-01-19T00:15:19.527`) -* [CVE-2020-1578](CVE-2020/CVE-2020-15xx/CVE-2020-1578.json) (`2024-01-19T00:15:19.627`) -* [CVE-2020-1579](CVE-2020/CVE-2020-15xx/CVE-2020-1579.json) (`2024-01-19T00:15:19.697`) -* [CVE-2020-1580](CVE-2020/CVE-2020-15xx/CVE-2020-1580.json) (`2024-01-19T00:15:19.770`) -* [CVE-2020-1581](CVE-2020/CVE-2020-15xx/CVE-2020-1581.json) (`2024-01-19T00:15:19.847`) -* [CVE-2020-1582](CVE-2020/CVE-2020-15xx/CVE-2020-1582.json) (`2024-01-19T00:15:19.910`) -* [CVE-2020-1583](CVE-2020/CVE-2020-15xx/CVE-2020-1583.json) (`2024-01-19T00:15:20.010`) -* [CVE-2020-1584](CVE-2020/CVE-2020-15xx/CVE-2020-1584.json) (`2024-01-19T00:15:20.120`) -* [CVE-2020-1585](CVE-2020/CVE-2020-15xx/CVE-2020-1585.json) (`2024-01-19T00:15:20.223`) -* [CVE-2020-1587](CVE-2020/CVE-2020-15xx/CVE-2020-1587.json) (`2024-01-19T00:15:20.300`) -* [CVE-2020-1591](CVE-2020/CVE-2020-15xx/CVE-2020-1591.json) (`2024-01-19T00:15:20.377`) -* [CVE-2020-1597](CVE-2020/CVE-2020-15xx/CVE-2020-1597.json) (`2024-01-19T00:15:20.457`) +* [CVE-2023-46805](CVE-2023/CVE-2023-468xx/CVE-2023-46805.json) (`2024-01-19T02:00:01.863`) +* [CVE-2023-6548](CVE-2023/CVE-2023-65xx/CVE-2023-6548.json) (`2024-01-19T02:00:01.863`) +* [CVE-2023-6549](CVE-2023/CVE-2023-65xx/CVE-2023-6549.json) (`2024-01-19T02:00:01.863`) +* [CVE-2023-31211](CVE-2023/CVE-2023-312xx/CVE-2023-31211.json) (`2024-01-19T02:09:26.650`) +* [CVE-2023-40362](CVE-2023/CVE-2023-403xx/CVE-2023-40362.json) (`2024-01-19T02:09:45.820`) +* [CVE-2023-50919](CVE-2023/CVE-2023-509xx/CVE-2023-50919.json) (`2024-01-19T02:10:22.870`) +* [CVE-2023-50920](CVE-2023/CVE-2023-509xx/CVE-2023-50920.json) (`2024-01-19T02:11:15.010`) +* [CVE-2023-49262](CVE-2023/CVE-2023-492xx/CVE-2023-49262.json) (`2024-01-19T02:11:40.757`) +* [CVE-2023-49255](CVE-2023/CVE-2023-492xx/CVE-2023-49255.json) (`2024-01-19T02:11:57.800`) +* [CVE-2023-6740](CVE-2023/CVE-2023-67xx/CVE-2023-6740.json) (`2024-01-19T02:12:08.587`) +* [CVE-2023-6735](CVE-2023/CVE-2023-67xx/CVE-2023-6735.json) (`2024-01-19T02:12:18.367`) +* [CVE-2024-22213](CVE-2024/CVE-2024-222xx/CVE-2024-22213.json) (`2024-01-19T01:51:14.027`) +* [CVE-2024-22400](CVE-2024/CVE-2024-224xx/CVE-2024-22400.json) (`2024-01-19T01:51:14.027`) +* [CVE-2024-22403](CVE-2024/CVE-2024-224xx/CVE-2024-22403.json) (`2024-01-19T01:51:14.027`) +* [CVE-2024-22401](CVE-2024/CVE-2024-224xx/CVE-2024-22401.json) (`2024-01-19T01:51:14.027`) +* [CVE-2024-22402](CVE-2024/CVE-2024-224xx/CVE-2024-22402.json) (`2024-01-19T01:51:14.027`) +* [CVE-2024-22404](CVE-2024/CVE-2024-224xx/CVE-2024-22404.json) (`2024-01-19T01:51:14.027`) +* [CVE-2024-22415](CVE-2024/CVE-2024-224xx/CVE-2024-22415.json) (`2024-01-19T01:51:14.027`) +* [CVE-2024-22418](CVE-2024/CVE-2024-224xx/CVE-2024-22418.json) (`2024-01-19T01:51:14.027`) +* [CVE-2024-0693](CVE-2024/CVE-2024-06xx/CVE-2024-0693.json) (`2024-01-19T01:51:14.027`) +* [CVE-2024-0695](CVE-2024/CVE-2024-06xx/CVE-2024-0695.json) (`2024-01-19T01:51:14.027`) +* [CVE-2024-0696](CVE-2024/CVE-2024-06xx/CVE-2024-0696.json) (`2024-01-19T01:51:14.027`) +* [CVE-2024-0503](CVE-2024/CVE-2024-05xx/CVE-2024-0503.json) (`2024-01-19T01:56:50.973`) +* [CVE-2024-21887](CVE-2024/CVE-2024-218xx/CVE-2024-21887.json) (`2024-01-19T02:00:01.863`) +* [CVE-2024-0519](CVE-2024/CVE-2024-05xx/CVE-2024-0519.json) (`2024-01-19T02:00:01.863`) ## Download and Usage