mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-09 16:05:11 +00:00
Auto-Update: 2024-01-19T03:00:24.915278+00:00
This commit is contained in:
parent
99204ae719
commit
b223d464af
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-31211",
|
||||
"sourceIdentifier": "security@checkmk.com",
|
||||
"published": "2024-01-12T08:15:43.137",
|
||||
"lastModified": "2024-01-12T14:15:48.050",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2024-01-19T02:09:26.650",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -16,6 +16,26 @@
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 6.5,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 3.6
|
||||
},
|
||||
{
|
||||
"source": "security@checkmk.com",
|
||||
"type": "Secondary",
|
||||
@ -39,6 +59,16 @@
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-670"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"source": "security@checkmk.com",
|
||||
"type": "Secondary",
|
||||
@ -50,10 +80,617 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:*:*:*:*:*:*:*:*",
|
||||
"versionEndIncluding": "2.0.0",
|
||||
"matchCriteriaId": "8AF09C00-1AEF-4502-8C7B-3B68F2C35D34"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "7AE78B5E-2D00-462B-AC0E-5E68BC36ED1B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9D69AA9A-C6FF-4A9F-8B02-2F207C4150FD"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "452F359B-BCB5-46E0-A77A-383C3C2E2D60"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "D9A66C28-A2BA-4091-AB4C-05CDB1D3777F"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "463A4A68-810B-4C20-A696-4F94DB20224B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b6:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F4459581-214F-423B-A29D-31C789FD7F1C"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b7:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "CC0CFABC-A53C-4FD3-A57A-CB72C87A034B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b8:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F96B08FA-8129-4880-86FE-47B08C2B6964"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:i1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "CAEB960C-5A5E-4F7C-8588-3F6737AE5DCA"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "3CB134CD-0746-47C8-BAB8-2AE9C083C4D2"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p10:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "E4B5DDAA-F7B5-4BFD-836E-F7DA0FC7B0C3"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p11:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A4DA5440-F376-4952-ABCB-AC557C5944A9"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p12:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "DB7DB93B-CDD2-4662-893B-6E36F9EDA7FF"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p13:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "81DFD64A-FEFD-4EBA-B6EC-28D3F0EEC33B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p14:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "918ACC6A-2EE8-401F-B18A-94B8757B202E"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p15:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "1B6AE143-5A29-4EE8-AF7D-5D495A2248D0"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p16:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9B678D96-5987-4423-A713-57812B896380"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p17:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A16EA6BD-003D-416E-B6C7-EBE5AA4AC2B5"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p18:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "7A016627-9BF2-4D25-AB97-172EAEC4C187"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p19:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "333FBE01-E5C1-4668-B50F-B64A34E799A8"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "FE7C4821-74F2-442C-B51F-A52788FC61F4"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p20:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "168E2F68-E3EA-407F-8DCE-BDB1F557FFFA"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p21:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "D7A74CB5-CC6E-4166-B884-498F2CF1A33E"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p22:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "42DCB139-5BBE-45F3-80F5-3A43D95A58BB"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p23:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "1A3E3E6C-DCC0-466D-A505-5F80379CF0AB"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p24:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "1542CDC8-9697-44DE-8F6A-3EB25D07EEE9"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p25:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "1A5B33FF-EA21-4AEB-8D9A-21DA9DB5892A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p26:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "78616E5A-E1FF-40AA-8E13-0B2E84CE6F8F"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p27:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "5D956394-C3F3-4C88-A791-364AE555D522"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p28:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "25E96088-0FA2-49FD-B93D-5AFC9605289E"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p29:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "EDB60B12-F724-40C7-8EB2-1270484E88F6"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "1982ED3B-A0FA-476A-BFB2-5B7B53289496"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p30:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F646D243-433E-46F9-9E8E-E4F734F9E648"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p31:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "D1C14080-79C9-4620-AD1F-6CB46F0F74D0"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p32:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "4AECE1FE-F3D1-4FF0-BDF9-F39FFCBF52E0"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p33:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "C2F79F99-5F46-48A7-BEE7-1551CD56C2F7"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p34:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "2EB6F9D4-13D2-4218-96EF-64C2126369DC"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p35:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "62841559-BDA0-4B67-932A-007D91BFBD14"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p36:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F6F22F4E-4A8A-4A7B-A01A-50E9BEA019DA"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p37:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "C1467012-F4CD-4547-A761-50B5F478A055"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p38:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "200EE0FA-D641-4612-8048-3B00997CBB42"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "AA60BF44-AF52-458A-BD3F-9FD5D8408575"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9BFE55DC-89EA-404F-8DDF-93E351366789"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p6:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "C62D8997-DD3B-4B83-B6A5-DFC2408A9164"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p7:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "80B4A77F-F636-49BB-8CB6-60064984463F"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p8:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "356E5744-AB8E-4FBA-992F-74ED8F9086CE"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p9:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "41FB6FFA-F38F-4754-A1E6-35073D84069E"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:-:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "BC0AC5A2-3724-4942-ABE2-CA9F3B9B4BDA"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "E3AAC1AD-C2F5-4171-BD92-95A8BA09E79A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "8CB8C4BB-4AE6-4EA2-8F38-780B627721ED"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "D0F14106-2A3D-4FC7-A0C7-6EDA75D1A8F7"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F8C2DA36-8419-4846-BFA0-A729BE7D72C5"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "8AA4FA3D-7A59-4597-9D79-B6B020D86BD1"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b6:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "79F0CF88-FF11-4741-AFF6-9F88F57C2140"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b7:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "8E93629E-C0CB-4636-B343-1C0646D8228E"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b8:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "58102464-E66F-49CD-8952-3F3F9A6A45CC"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b9:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9C98E509-8466-4F95-ABE7-7ECC91640E04"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A7B89F71-ABD2-4B2D-AE6B-C0F243E89443"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p10:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "002EF417-C702-42E2-9C8F-C9593B43AB03"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p11:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "B8E358A9-0430-4EF1-8557-7F1C088FFF48"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p12:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "4B0AF395-FDC7-4321-9E00-C935641C138B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p13:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "59B9CCED-806F-47EF-B5B6-441AADCB4B81"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p14:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "FAED2CD5-A2CE-438C-8ED7-338D9D61FBD9"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p15:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F08A96EF-FD2E-4D45-884B-349869649C3D"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p16:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "E80D718E-66B6-4FC6-911D-C264F2C891C9"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p17:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "174BF76A-00C5-4ECD-937D-FE66851D3979"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p18:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F43DBAE4-FEF9-431E-AE82-31C7944CA830"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p19:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "7AF612FF-7441-41C4-96C2-36A15E45FF93"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "960DF373-EDE6-4318-B6E9-07573ED5907A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p20:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "5FFBF793-48E0-48DB-9C12-1C4A5805009E"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p21:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "B6A2F0DB-CA73-4F14-8099-7A29BADC1F4E"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p22:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "5D23ECB8-9C2C-4BA5-ADD6-248FD2CFF37A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p23:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9958D126-EF50-4ED7-85A3-6E5120EFB931"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p24:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "5D9B3F5F-158A-4C43-A894-1A55D1D758FC"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p25:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "17729C6D-3DD1-4082-B3AF-B53770304F7B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p26:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "2E34014C-90A0-4ABB-A15F-73E83F312246"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p27:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "C0DCB95E-CC14-40BF-A7E4-1CD9075E2785"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p28:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "E1AA25FE-FA1B-4525-99B8-1098E75BDC5C"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p29:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "073ED1BF-B3FE-4CC4-A279-15981DBC0BE8"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "3144AABF-74CB-44EE-A618-8529A8ACFCF6"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p30:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "BA067A60-3B6A-4C3B-8934-E2725199EE39"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p31:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "DD42912A-092C-4FD9-9874-5B04989164C0"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p32:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "E26E5640-8396-4B9C-890F-E9598CEB08FB"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p33:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "82CBA4CB-FCEE-4D33-8127-944D914A8F5C"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p34:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "DE6414DD-DA34-4FE7-B976-A6898B454E60"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p35:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "0CB08010-2416-469D-8B27-212F28BF62EB"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p36:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "8F66346B-4A8A-4323-B197-B5D4D949FCEE"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p37:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "28117164-A991-4E38-825D-88D7B16EC3CB"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "88AC7AB0-40DF-44D1-83EA-FDD4D5346BBD"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "4285A4A3-3DED-456D-93D4-1B9FDB42C1EB"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p6:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "098FD286-B6CB-4428-9A62-A5F24B4D9E92"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p7:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "8400088B-E56E-4D0B-86D5-76D884C8031A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p8:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "29554684-FEFF-42B2-B62E-6523782F537C"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p9:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "91AE66E4-AE6B-4F25-9312-6418FC3E221F"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:-:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "8EC2C076-C4C6-4C9A-84FE-B47E835AA0E7"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A954DDB4-ACF5-4D74-B735-0BB14762457C"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F4E9D8E0-ECFF-4987-8189-F6A5917D39B6"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "7CDF16A7-E9BC-488B-A0DF-91B7F79C2D7A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "EF3C4AB5-966A-46CD-8774-7BD4115FC80B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "580C70A7-387E-4650-9DBA-D7AA0BFDB1BE"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b6:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "343C5CD6-48ED-4693-BC2A-549A43F02931"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b7:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "18F1E6EC-5866-4338-9772-92EB01E0A184"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b8:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "57C08697-674F-4924-A5A2-40F1E2BF2059"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:i1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "AB444D23-88E8-4AFE-9F1E-56AE4ADF7644"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "050E9020-9E83-4198-B550-F554686DCC36"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p10:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "5D3DFD03-89BF-433F-B14C-8B46AD5146F6"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p11:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "50D06254-A368-4DE1-8734-1DC49002FBB1"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p12:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "489B86C6-FDD3-4569-B330-86CF51B533B0"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p13:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "50456E0E-0597-4E90-9BFC-1384800ED073"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p14:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "0A7E61FE-E2B2-434F-8DFB-BF6AB78B8DE9"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p15:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "D5FDDC0D-52AA-419C-84CF-48B608B976E3"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p16:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "DC948630-1F71-4441-B842-29974C2D4C1B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p17:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "05518D94-0376-4B0C-AE53-74C54DBD6A10"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "E9F4C18C-D62E-47F5-A309-D0BC9CFB990C"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "DAFBA752-75C7-4514-AC75-CE7D78AE9F96"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "57BA8394-7755-45E0-8B4D-B37A8A5B5DB8"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "D6A02DB9-71F6-429F-A084-D811AD016CBA"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://checkmk.com/werk/16227",
|
||||
"source": "security@checkmk.com"
|
||||
"source": "security@checkmk.com",
|
||||
"tags": [
|
||||
"Patch",
|
||||
"Vendor Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
59
CVE-2023/CVE-2023-323xx/CVE-2023-32337.json
Normal file
59
CVE-2023/CVE-2023-323xx/CVE-2023-32337.json
Normal file
@ -0,0 +1,59 @@
|
||||
{
|
||||
"id": "CVE-2023-32337",
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-01-19T02:15:07.537",
|
||||
"lastModified": "2024-01-19T02:15:07.537",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "IBM Maximo Spatial Asset Management 8.10 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 255288."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "psirt@us.ibm.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 5.4,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.3,
|
||||
"impactScore": 2.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "psirt@us.ibm.com",
|
||||
"type": "Secondary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-918"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/255288",
|
||||
"source": "psirt@us.ibm.com"
|
||||
},
|
||||
{
|
||||
"url": "https://www.ibm.com/support/pages/node/7107712",
|
||||
"source": "psirt@us.ibm.com"
|
||||
}
|
||||
]
|
||||
}
|
59
CVE-2023/CVE-2023-350xx/CVE-2023-35020.json
Normal file
59
CVE-2023/CVE-2023-350xx/CVE-2023-35020.json
Normal file
@ -0,0 +1,59 @@
|
||||
{
|
||||
"id": "CVE-2023-35020",
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-01-19T01:15:08.347",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "IBM Sterling Control Center 6.3.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 257874."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "psirt@us.ibm.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 5.4,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 2.5
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "psirt@us.ibm.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-22"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/257874",
|
||||
"source": "psirt@us.ibm.com"
|
||||
},
|
||||
{
|
||||
"url": "https://www.ibm.com/support/pages/node/7107788",
|
||||
"source": "psirt@us.ibm.com"
|
||||
}
|
||||
]
|
||||
}
|
@ -2,8 +2,12 @@
|
||||
"id": "CVE-2023-35082",
|
||||
"sourceIdentifier": "support@hackerone.com",
|
||||
"published": "2023-08-15T16:15:11.633",
|
||||
"lastModified": "2023-08-22T02:16:30.973",
|
||||
"lastModified": "2024-01-19T02:00:01.863",
|
||||
"vulnStatus": "Analyzed",
|
||||
"cisaExploitAdd": "2024-01-18",
|
||||
"cisaActionDue": "2024-02-08",
|
||||
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
|
||||
"cisaVulnerabilityName": "Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Authentication Bypass Vulnerability",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-37117",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-01-12T07:15:12.077",
|
||||
"lastModified": "2024-01-12T13:47:31.250",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2024-01-19T01:57:04.067",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -14,15 +14,76 @@
|
||||
"value": "Se encontr\u00f3 una vulnerabilidad de use after free del mont\u00f3n en live555 versi\u00f3n 2023.05.10 mientras se manejaba el SETUP."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 9.8,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-416"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:live555:live555:2023.05.10:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "FD34412A-C903-4798-A9AF-8EE23BFBE493"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "http://lists.live555.com/pipermail/live-devel/2023-June/022331.html",
|
||||
"source": "cve@mitre.org"
|
||||
"source": "cve@mitre.org",
|
||||
"tags": [
|
||||
"Exploit",
|
||||
"Mailing List",
|
||||
"Vendor Advisory"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "http://www.live555.com/liveMedia/public/changelog.txt",
|
||||
"source": "cve@mitre.org"
|
||||
"source": "cve@mitre.org",
|
||||
"tags": [
|
||||
"Release Notes",
|
||||
"Vendor Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
59
CVE-2023/CVE-2023-387xx/CVE-2023-38738.json
Normal file
59
CVE-2023/CVE-2023-387xx/CVE-2023-38738.json
Normal file
@ -0,0 +1,59 @@
|
||||
{
|
||||
"id": "CVE-2023-38738",
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-01-19T01:15:08.717",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "\nIBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in a OpenPages environment using Native authentication. If OpenPages is using Native authentication an attacker with access to the OpenPages database could through a series of specially crafted steps could exploit this weakness and gain unauthorized access to other OpenPages accounts. IBM X-Force ID: 262594.\n\n"
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "psirt@us.ibm.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "HIGH",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 6.8,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 1.6,
|
||||
"impactScore": 5.2
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "psirt@us.ibm.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-257"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/262594",
|
||||
"source": "psirt@us.ibm.com"
|
||||
},
|
||||
{
|
||||
"url": "https://www.ibm.com/support/pages/node/7107775",
|
||||
"source": "psirt@us.ibm.com"
|
||||
}
|
||||
]
|
||||
}
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-40362",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-01-12T08:15:43.467",
|
||||
"lastModified": "2024-01-12T13:47:31.250",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2024-01-19T02:09:45.820",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -14,15 +14,75 @@
|
||||
"value": "Se descubri\u00f3 un problema en CentralSquare Click2Gov Building Permit antes de octubre de 2023. La falta de protecciones de control de acceso permite a atacantes remotos eliminar arbitrariamente a los contratistas de la cuenta de cualquier usuario cuando se conoce la identificaci\u00f3n del usuario y la informaci\u00f3n del contratista."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 4.3,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 1.4
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-862"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:centralsquare:click2gov_building_permit:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "D740CF40-FBCC-4F42-B993-870E00917DA4"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://github.com/ally-petitt/CVE-2023-40362",
|
||||
"source": "cve@mitre.org"
|
||||
"source": "cve@mitre.org",
|
||||
"tags": [
|
||||
"Exploit",
|
||||
"Third Party Advisory"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://www.classaction.org/news/centralsquare-hit-with-class-action-over-2017-2018-click2gov-data-breach",
|
||||
"source": "cve@mitre.org"
|
||||
"source": "cve@mitre.org",
|
||||
"tags": [
|
||||
"Press/Media Coverage",
|
||||
"Vendor Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
59
CVE-2023/CVE-2023-406xx/CVE-2023-40683.json
Normal file
59
CVE-2023/CVE-2023-406xx/CVE-2023-40683.json
Normal file
@ -0,0 +1,59 @@
|
||||
{
|
||||
"id": "CVE-2023-40683",
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-01-19T01:15:08.910",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions, caused by insufficient authorization checks. By authenticating as an OpenPages user and using non-public APIs, an attacker could exploit this vulnerability to bypass security and gain unauthorized administrative access to the application. IBM X-Force ID: 264005."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "psirt@us.ibm.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 8.8,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "psirt@us.ibm.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-264"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/264005",
|
||||
"source": "psirt@us.ibm.com"
|
||||
},
|
||||
{
|
||||
"url": "https://www.ibm.com/support/pages/node/7107774",
|
||||
"source": "psirt@us.ibm.com"
|
||||
}
|
||||
]
|
||||
}
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-43815",
|
||||
"sourceIdentifier": "disclosures@exodusintel.com",
|
||||
"published": "2024-01-18T22:15:08.717",
|
||||
"lastModified": "2024-01-18T22:15:08.717",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-43816",
|
||||
"sourceIdentifier": "disclosures@exodusintel.com",
|
||||
"published": "2024-01-18T22:15:08.957",
|
||||
"lastModified": "2024-01-18T22:15:08.957",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-43817",
|
||||
"sourceIdentifier": "disclosures@exodusintel.com",
|
||||
"published": "2024-01-18T22:15:09.183",
|
||||
"lastModified": "2024-01-18T22:15:09.183",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-43818",
|
||||
"sourceIdentifier": "disclosures@exodusintel.com",
|
||||
"published": "2024-01-18T22:15:09.383",
|
||||
"lastModified": "2024-01-18T22:15:09.383",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-43819",
|
||||
"sourceIdentifier": "disclosures@exodusintel.com",
|
||||
"published": "2024-01-18T22:15:09.587",
|
||||
"lastModified": "2024-01-18T22:15:09.587",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-43820",
|
||||
"sourceIdentifier": "disclosures@exodusintel.com",
|
||||
"published": "2024-01-18T22:15:09.800",
|
||||
"lastModified": "2024-01-18T22:15:09.800",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-43821",
|
||||
"sourceIdentifier": "disclosures@exodusintel.com",
|
||||
"published": "2024-01-18T22:15:10.017",
|
||||
"lastModified": "2024-01-18T22:15:10.017",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-43822",
|
||||
"sourceIdentifier": "disclosures@exodusintel.com",
|
||||
"published": "2024-01-18T22:15:10.220",
|
||||
"lastModified": "2024-01-18T22:15:10.220",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-43823",
|
||||
"sourceIdentifier": "disclosures@exodusintel.com",
|
||||
"published": "2024-01-18T22:15:10.430",
|
||||
"lastModified": "2024-01-18T22:15:10.430",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-43824",
|
||||
"sourceIdentifier": "disclosures@exodusintel.com",
|
||||
"published": "2024-01-18T22:15:10.630",
|
||||
"lastModified": "2024-01-18T22:15:10.630",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,16 +2,20 @@
|
||||
"id": "CVE-2023-46805",
|
||||
"sourceIdentifier": "support@hackerone.com",
|
||||
"published": "2024-01-12T17:15:09.530",
|
||||
"lastModified": "2024-01-13T02:00:00.970",
|
||||
"lastModified": "2024-01-19T02:00:01.863",
|
||||
"vulnStatus": "Analyzed",
|
||||
"cisaExploitAdd": "2024-01-10",
|
||||
"cisaActionDue": "2024-01-31",
|
||||
"cisaActionDue": "2024-01-22",
|
||||
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
|
||||
"cisaVulnerabilityName": "Ivanti Connect Secure and Policy Secure Authentication Bypass Vulnerability",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n en el componente web de Ivanti ICS 9.x, 22.x e Ivanti Policy Secure permite a un atacante remoto acceder a recursos restringidos omitiendo las comprobaciones de control."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
63
CVE-2023/CVE-2023-477xx/CVE-2023-47718.json
Normal file
63
CVE-2023/CVE-2023-477xx/CVE-2023-47718.json
Normal file
@ -0,0 +1,63 @@
|
||||
{
|
||||
"id": "CVE-2023-47718",
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-01-19T02:15:07.757",
|
||||
"lastModified": "2024-01-19T02:15:07.757",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "IBM Maximo Asset Management 7.6.1.3 and Manage Component 8.10 through 8.11 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 271843."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "psirt@us.ibm.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 4.3,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 1.4
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "psirt@us.ibm.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-352"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/271843",
|
||||
"source": "psirt@us.ibm.com"
|
||||
},
|
||||
{
|
||||
"url": "https://www.ibm.com/support/pages/node/7107738",
|
||||
"source": "psirt@us.ibm.com"
|
||||
},
|
||||
{
|
||||
"url": "https://www.ibm.com/support/pages/node/7107740",
|
||||
"source": "psirt@us.ibm.com"
|
||||
}
|
||||
]
|
||||
}
|
@ -2,16 +2,53 @@
|
||||
"id": "CVE-2023-49255",
|
||||
"sourceIdentifier": "cvd@cert.pl",
|
||||
"published": "2024-01-12T15:15:09.083",
|
||||
"lastModified": "2024-01-12T15:54:26.600",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2024-01-19T02:11:57.800",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The router console is accessible without authentication at \"data\" field, and while a user needs to be logged in in order to modify the configuration, the session state is shared. If any other user is currently logged in, the anonymous user can execute commands in the context of the authenticated one. If the logged in user has administrative privileges, it is possible to use webadmin service configuration commands to create a new admin user with a chosen password."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se puede acceder a la consola del enrutador sin autenticaci\u00f3n en el campo \"data\" y, si bien es necesario que un usuario inicie sesi\u00f3n para modificar la configuraci\u00f3n, el estado de la sesi\u00f3n se comparte. Si alg\u00fan otro usuario ha iniciado sesi\u00f3n actualmente, el usuario an\u00f3nimo puede ejecutar comandos en el contexto del autenticado. Si el usuario que inici\u00f3 sesi\u00f3n tiene privilegios administrativos, es posible utilizar los comandos de configuraci\u00f3n del servicio webadmin para crear un nuevo usuario administrador con una contrase\u00f1a elegida."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 9.8,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-306"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"source": "cvd@cert.pl",
|
||||
"type": "Secondary",
|
||||
@ -23,14 +60,50 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:hongdian:h8951-4g-esp_firmware:*:*:*:*:*:*:*:*",
|
||||
"versionEndExcluding": "2310271149",
|
||||
"matchCriteriaId": "4391599E-AC50-4409-B8DE-D86CD4EACA35"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:hongdian:h8951-4g-esp:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "3B44C0C6-3995-43DB-9B49-78110E5E7A43"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://cert.pl/en/posts/2024/01/CVE-2023-49253/",
|
||||
"source": "cvd@cert.pl"
|
||||
"source": "cvd@cert.pl",
|
||||
"tags": [
|
||||
"Third Party Advisory"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://cert.pl/posts/2024/01/CVE-2023-49253/",
|
||||
"source": "cvd@cert.pl"
|
||||
"source": "cvd@cert.pl",
|
||||
"tags": [
|
||||
"Third Party Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,16 +2,53 @@
|
||||
"id": "CVE-2023-49262",
|
||||
"sourceIdentifier": "cvd@cert.pl",
|
||||
"published": "2024-01-12T15:15:09.593",
|
||||
"lastModified": "2024-01-12T15:54:26.600",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2024-01-19T02:11:40.757",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The authentication mechanism can be bypassed by overflowing the value of the Cookie \"authentication\" field, provided there is an active user session."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El mecanismo de autenticaci\u00f3n se puede omitir desbordando el valor del campo \"authentication\" de cookies, siempre que haya una sesi\u00f3n de usuario activa."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 9.8,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-287"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"source": "cvd@cert.pl",
|
||||
"type": "Secondary",
|
||||
@ -23,14 +60,50 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:hongdian:h8951-4g-esp_firmware:*:*:*:*:*:*:*:*",
|
||||
"versionEndExcluding": "2310271149",
|
||||
"matchCriteriaId": "4391599E-AC50-4409-B8DE-D86CD4EACA35"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:hongdian:h8951-4g-esp:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "3B44C0C6-3995-43DB-9B49-78110E5E7A43"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://cert.pl/en/posts/2024/01/CVE-2023-49253/",
|
||||
"source": "cvd@cert.pl"
|
||||
"source": "cvd@cert.pl",
|
||||
"tags": [
|
||||
"Third Party Advisory"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://cert.pl/posts/2024/01/CVE-2023-49253/",
|
||||
"source": "cvd@cert.pl"
|
||||
"source": "cvd@cert.pl",
|
||||
"tags": [
|
||||
"Third Party Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-50614",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-01-18T22:15:10.843",
|
||||
"lastModified": "2024-01-18T22:15:10.843",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-50919",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-01-12T08:15:43.533",
|
||||
"lastModified": "2024-01-12T13:47:31.250",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2024-01-19T02:10:22.870",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -14,11 +14,437 @@
|
||||
"value": "Se descubri\u00f3 un problema en dispositivos GL.iNet anteriores a la versi\u00f3n 4.5.0. Existe una omisi\u00f3n de autenticaci\u00f3n NGINX mediante la coincidencia de patrones de cadenas Lua. Esto afecta a A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750 4.3.7, AR300M 4.3.7 y B1300 4.3.7."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 9.8,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-287"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-ax1800_firmware:4.3.7:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9085B46F-0620-4126-9E6B-C729C49C23C4"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-ax1800_firmware:4.4.6:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "CC12DFE3-F634-4737-AEF7-82685634F65E"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:gl-inet:gl-ax1800:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "459CA3AD-7D9A-4E72-8847-9F989232CDCD"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-axt1800_firmware:4.3.7:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "C3C99D06-8CF3-4F1F-9729-DDD871CD28D8"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-axt1800_firmware:4.4.6:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "2321AEF1-B475-439F-A936-581337CB5181"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:gl-inet:gl-axt1800:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "49448661-9D95-4218-B2FA-73610AA5523C"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-mt3000_firmware:4.3.7:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "0E4AFE9D-666C-4898-A27B-3AAC1A74908D"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-mt3000_firmware:4.4.6:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "12F39096-F3A6-4240-9CCF-3CEB44A549D4"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:gl-inet:gl-mt3000:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "4D832083-488B-40F2-8D7A-66E917DF67F9"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-mt2500_firmware:4.3.7:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "5BDCB33B-3A4D-4F62-A302-73C10852529B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-mt2500_firmware:4.4.6:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "D78DCE77-BBC1-4702-89F3-A2064A82ED85"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:gl-inet:gl-mt2500:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "88C600EF-AF68-45F0-B9C0-7ECA0D33179C"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-mt6000_firmware:4.3.7:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "E0991507-2442-42D2-AFB2-79D91F631CC7"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-mt6000_firmware:4.4.6:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "BB2FAEE3-AF10-4D2A-9A5B-8F783613AC7F"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:gl-inet:gl-mt6000:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "0480E0BD-DAEE-42E7-A6EB-BC09889CC7B9"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-mt1300_firmware:4.3.7:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "D462B247-60E8-4044-B413-D145F342F8BA"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-mt1300_firmware:4.4.6:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "843FD80C-235B-4B28-9D98-8DDBFED335D4"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:gl-inet:gl-mt1300:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "65A8D1C9-9EAE-4EDF-A1D4-D45E9EE65585"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-mt300n-v2_firmware:4.3.7:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "7469E6FA-07DB-430D-BAD8-21AF64C55FBA"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-mt300n-v2_firmware:4.4.6:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "C6E6EF01-62DC-438B-B975-C3DF84DC6E52"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:gl-inet:gl-mt300n-v2:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "EA4A042E-2C80-4EF9-93CA-D2756216BB0C"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-ar750s_firmware:4.3.7:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "4037EFB4-EA0A-4C89-800A-2990AA8BC185"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-ar750s_firmware:4.4.6:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F760479D-D8E7-4AC2-8083-AAE870225CE7"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:gl-inet:gl-ar750s:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "8C939D70-5353-43B7-AEF9-8F1D784DD4EF"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-ar750_firmware:4.3.7:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "ACAAD071-0070-48B9-9797-26B1D5CAC962"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-ar750_firmware:4.4.6:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "C03FF3D4-BC96-42DB-8EC6-466A1C02B534"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:gl-inet:gl-ar750:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "6FE176E8-8CB1-429B-9B3B-E1F58EC0C8F5"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-ar300m_firmware:4.3.7:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "E267A0D1-8D9B-43A9-88F0-3CA961403FBC"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-ar300m_firmware:4.4.6:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "551632B5-BBAC-4A4D-96BD-8D49EF3A5EFB"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:gl-inet:gl-ar300m:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "10C965DA-2D49-4ED6-B028-3A23164EDC14"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-b1300_firmware:4.3.7:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9E6AF4D2-8BD0-4536-82AA-A9A06441DB59"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-b1300_firmware:4.4.6:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "AFBE858E-8D41-4221-8520-25BA35EFE8D3"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:gl-inet:gl-b1300:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "10D84ECB-35CB-42B0-B925-8B631C235CC2"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-a1300_firmware:4.3.7:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "1D582CF8-55A2-4261-84A3-DB5677C569D2"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-a1300_firmware:4.4.6:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "789782AD-CCC9-403C-810A-F634B09EEB5B"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:gl-inet:gl-a1300:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "2365517B-F8AF-490D-9282-36679EB484D2"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Authentication-bypass.md",
|
||||
"source": "cve@mitre.org"
|
||||
"source": "cve@mitre.org",
|
||||
"tags": [
|
||||
"Exploit",
|
||||
"Issue Tracking",
|
||||
"Vendor Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-50920",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-01-12T08:15:43.590",
|
||||
"lastModified": "2024-01-12T13:47:31.250",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2024-01-19T02:11:15.010",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -14,11 +14,437 @@
|
||||
"value": "Se descubri\u00f3 un problema en dispositivos GL.iNet anteriores a la versi\u00f3n 4.5.0. Asignan el mismo ID de sesi\u00f3n despu\u00e9s de reiniciar cada usuario, lo que permite a los atacantes compartir identificadores de sesi\u00f3n entre diferentes sesiones y omitir las medidas de autenticaci\u00f3n o control de acceso. Los atacantes pueden hacerse pasar por usuarios leg\u00edtimos o realizar acciones no autorizadas. Esto afecta a A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750 4.3.7, AR300M 4.3.7 y B1300 4.3.7."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
|
||||
"attackVector": "LOCAL",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 5.5,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 1.8,
|
||||
"impactScore": 3.6
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-384"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-ax1800_firmware:4.3.7:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9085B46F-0620-4126-9E6B-C729C49C23C4"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-ax1800_firmware:4.4.6:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "CC12DFE3-F634-4737-AEF7-82685634F65E"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:gl-inet:gl-ax1800:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "459CA3AD-7D9A-4E72-8847-9F989232CDCD"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-axt1800_firmware:4.3.7:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "C3C99D06-8CF3-4F1F-9729-DDD871CD28D8"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-axt1800_firmware:4.4.6:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "2321AEF1-B475-439F-A936-581337CB5181"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:gl-inet:gl-axt1800:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "49448661-9D95-4218-B2FA-73610AA5523C"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-mt3000_firmware:4.3.7:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "0E4AFE9D-666C-4898-A27B-3AAC1A74908D"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-mt3000_firmware:4.4.6:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "12F39096-F3A6-4240-9CCF-3CEB44A549D4"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:gl-inet:gl-mt3000:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "4D832083-488B-40F2-8D7A-66E917DF67F9"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-mt2500_firmware:4.3.7:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "5BDCB33B-3A4D-4F62-A302-73C10852529B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-mt2500_firmware:4.4.6:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "D78DCE77-BBC1-4702-89F3-A2064A82ED85"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:gl-inet:gl-mt2500:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "88C600EF-AF68-45F0-B9C0-7ECA0D33179C"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-mt6000_firmware:4.3.7:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "E0991507-2442-42D2-AFB2-79D91F631CC7"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-mt6000_firmware:4.4.6:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "BB2FAEE3-AF10-4D2A-9A5B-8F783613AC7F"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:gl-inet:gl-mt6000:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "0480E0BD-DAEE-42E7-A6EB-BC09889CC7B9"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-mt1300_firmware:4.3.7:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "D462B247-60E8-4044-B413-D145F342F8BA"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-mt1300_firmware:4.4.6:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "843FD80C-235B-4B28-9D98-8DDBFED335D4"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:gl-inet:gl-mt1300:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "65A8D1C9-9EAE-4EDF-A1D4-D45E9EE65585"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-mt300n-v2_firmware:4.3.7:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "7469E6FA-07DB-430D-BAD8-21AF64C55FBA"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-mt300n-v2_firmware:4.4.6:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "C6E6EF01-62DC-438B-B975-C3DF84DC6E52"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:gl-inet:gl-mt300n-v2:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "EA4A042E-2C80-4EF9-93CA-D2756216BB0C"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-ar750s_firmware:4.3.7:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "4037EFB4-EA0A-4C89-800A-2990AA8BC185"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-ar750s_firmware:4.4.6:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F760479D-D8E7-4AC2-8083-AAE870225CE7"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:gl-inet:gl-ar750s:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "8C939D70-5353-43B7-AEF9-8F1D784DD4EF"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-ar750_firmware:4.3.7:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "ACAAD071-0070-48B9-9797-26B1D5CAC962"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-ar750_firmware:4.4.6:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "C03FF3D4-BC96-42DB-8EC6-466A1C02B534"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:gl-inet:gl-ar750:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "6FE176E8-8CB1-429B-9B3B-E1F58EC0C8F5"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-ar300m_firmware:4.3.7:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "E267A0D1-8D9B-43A9-88F0-3CA961403FBC"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-ar300m_firmware:4.4.6:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "551632B5-BBAC-4A4D-96BD-8D49EF3A5EFB"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:gl-inet:gl-ar300m:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "10C965DA-2D49-4ED6-B028-3A23164EDC14"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-b1300_firmware:4.3.7:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9E6AF4D2-8BD0-4536-82AA-A9A06441DB59"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-b1300_firmware:4.4.6:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "AFBE858E-8D41-4221-8520-25BA35EFE8D3"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:gl-inet:gl-b1300:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "10D84ECB-35CB-42B0-B925-8B631C235CC2"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-a1300_firmware:4.3.7:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "1D582CF8-55A2-4261-84A3-DB5677C569D2"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:gl-inet:gl-a1300_firmware:4.4.6:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "789782AD-CCC9-403C-810A-F634B09EEB5B"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:gl-inet:gl-a1300:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "2365517B-F8AF-490D-9282-36679EB484D2"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Authentication-bypass-seesion-ID.md",
|
||||
"source": "cve@mitre.org"
|
||||
"source": "cve@mitre.org",
|
||||
"tags": [
|
||||
"Exploit",
|
||||
"Issue Tracking",
|
||||
"Vendor Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
59
CVE-2023/CVE-2023-509xx/CVE-2023-50963.json
Normal file
59
CVE-2023/CVE-2023-509xx/CVE-2023-50963.json
Normal file
@ -0,0 +1,59 @@
|
||||
{
|
||||
"id": "CVE-2023-50963",
|
||||
"sourceIdentifier": "psirt@us.ibm.com",
|
||||
"published": "2024-01-19T02:15:07.970",
|
||||
"lastModified": "2024-01-19T02:15:07.970",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "IBM Storage Defender - Data Protect 1.0.0 through 1.4.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 276101."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "psirt@us.ibm.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 6.5,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 2.5
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "psirt@us.ibm.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-601"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/276101",
|
||||
"source": "psirt@us.ibm.com"
|
||||
},
|
||||
{
|
||||
"url": "https://www.ibm.com/support/pages/node/7106918",
|
||||
"source": "psirt@us.ibm.com"
|
||||
}
|
||||
]
|
||||
}
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-51217",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-01-18T21:15:08.243",
|
||||
"lastModified": "2024-01-18T21:15:08.243",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-51258",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-01-18T21:15:08.293",
|
||||
"lastModified": "2024-01-18T21:15:08.293",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-5130",
|
||||
"sourceIdentifier": "disclosures@exodusintel.com",
|
||||
"published": "2024-01-18T22:15:10.890",
|
||||
"lastModified": "2024-01-18T22:15:10.890",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-5131",
|
||||
"sourceIdentifier": "disclosures@exodusintel.com",
|
||||
"published": "2024-01-18T22:15:11.100",
|
||||
"lastModified": "2024-01-18T22:15:11.100",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,8 +2,12 @@
|
||||
"id": "CVE-2023-6548",
|
||||
"sourceIdentifier": "secure@citrix.com",
|
||||
"published": "2024-01-17T20:15:50.627",
|
||||
"lastModified": "2024-01-18T13:42:11.613",
|
||||
"lastModified": "2024-01-19T02:00:01.863",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cisaExploitAdd": "2024-01-17",
|
||||
"cisaActionDue": "2024-01-24",
|
||||
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
|
||||
"cisaVulnerabilityName": "Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,8 +2,12 @@
|
||||
"id": "CVE-2023-6549",
|
||||
"sourceIdentifier": "secure@citrix.com",
|
||||
"published": "2024-01-17T21:15:11.690",
|
||||
"lastModified": "2024-01-18T13:42:11.613",
|
||||
"lastModified": "2024-01-19T02:00:01.863",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cisaExploitAdd": "2024-01-17",
|
||||
"cisaActionDue": "2024-02-07",
|
||||
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
|
||||
"cisaVulnerabilityName": "Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-6735",
|
||||
"sourceIdentifier": "security@checkmk.com",
|
||||
"published": "2024-01-12T08:15:43.650",
|
||||
"lastModified": "2024-01-12T14:15:49.100",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2024-01-19T02:12:18.367",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -16,6 +16,26 @@
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "LOCAL",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 7.8,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 1.8,
|
||||
"impactScore": 5.9
|
||||
},
|
||||
{
|
||||
"source": "security@checkmk.com",
|
||||
"type": "Secondary",
|
||||
@ -39,6 +59,16 @@
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-269"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"source": "security@checkmk.com",
|
||||
"type": "Secondary",
|
||||
@ -50,10 +80,617 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:*:*:*:*:*:*:*:*",
|
||||
"versionEndIncluding": "2.0.0",
|
||||
"matchCriteriaId": "8AF09C00-1AEF-4502-8C7B-3B68F2C35D34"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "7AE78B5E-2D00-462B-AC0E-5E68BC36ED1B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9D69AA9A-C6FF-4A9F-8B02-2F207C4150FD"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "452F359B-BCB5-46E0-A77A-383C3C2E2D60"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "D9A66C28-A2BA-4091-AB4C-05CDB1D3777F"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "463A4A68-810B-4C20-A696-4F94DB20224B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b6:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F4459581-214F-423B-A29D-31C789FD7F1C"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b7:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "CC0CFABC-A53C-4FD3-A57A-CB72C87A034B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b8:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F96B08FA-8129-4880-86FE-47B08C2B6964"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:i1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "CAEB960C-5A5E-4F7C-8588-3F6737AE5DCA"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "3CB134CD-0746-47C8-BAB8-2AE9C083C4D2"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p10:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "E4B5DDAA-F7B5-4BFD-836E-F7DA0FC7B0C3"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p11:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A4DA5440-F376-4952-ABCB-AC557C5944A9"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p12:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "DB7DB93B-CDD2-4662-893B-6E36F9EDA7FF"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p13:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "81DFD64A-FEFD-4EBA-B6EC-28D3F0EEC33B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p14:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "918ACC6A-2EE8-401F-B18A-94B8757B202E"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p15:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "1B6AE143-5A29-4EE8-AF7D-5D495A2248D0"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p16:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9B678D96-5987-4423-A713-57812B896380"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p17:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A16EA6BD-003D-416E-B6C7-EBE5AA4AC2B5"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p18:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "7A016627-9BF2-4D25-AB97-172EAEC4C187"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p19:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "333FBE01-E5C1-4668-B50F-B64A34E799A8"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "FE7C4821-74F2-442C-B51F-A52788FC61F4"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p20:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "168E2F68-E3EA-407F-8DCE-BDB1F557FFFA"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p21:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "D7A74CB5-CC6E-4166-B884-498F2CF1A33E"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p22:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "42DCB139-5BBE-45F3-80F5-3A43D95A58BB"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p23:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "1A3E3E6C-DCC0-466D-A505-5F80379CF0AB"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p24:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "1542CDC8-9697-44DE-8F6A-3EB25D07EEE9"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p25:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "1A5B33FF-EA21-4AEB-8D9A-21DA9DB5892A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p26:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "78616E5A-E1FF-40AA-8E13-0B2E84CE6F8F"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p27:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "5D956394-C3F3-4C88-A791-364AE555D522"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p28:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "25E96088-0FA2-49FD-B93D-5AFC9605289E"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p29:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "EDB60B12-F724-40C7-8EB2-1270484E88F6"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "1982ED3B-A0FA-476A-BFB2-5B7B53289496"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p30:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F646D243-433E-46F9-9E8E-E4F734F9E648"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p31:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "D1C14080-79C9-4620-AD1F-6CB46F0F74D0"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p32:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "4AECE1FE-F3D1-4FF0-BDF9-F39FFCBF52E0"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p33:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "C2F79F99-5F46-48A7-BEE7-1551CD56C2F7"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p34:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "2EB6F9D4-13D2-4218-96EF-64C2126369DC"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p35:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "62841559-BDA0-4B67-932A-007D91BFBD14"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p36:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F6F22F4E-4A8A-4A7B-A01A-50E9BEA019DA"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p37:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "C1467012-F4CD-4547-A761-50B5F478A055"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p38:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "200EE0FA-D641-4612-8048-3B00997CBB42"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "AA60BF44-AF52-458A-BD3F-9FD5D8408575"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9BFE55DC-89EA-404F-8DDF-93E351366789"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p6:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "C62D8997-DD3B-4B83-B6A5-DFC2408A9164"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p7:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "80B4A77F-F636-49BB-8CB6-60064984463F"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p8:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "356E5744-AB8E-4FBA-992F-74ED8F9086CE"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p9:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "41FB6FFA-F38F-4754-A1E6-35073D84069E"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:-:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "BC0AC5A2-3724-4942-ABE2-CA9F3B9B4BDA"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "E3AAC1AD-C2F5-4171-BD92-95A8BA09E79A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "8CB8C4BB-4AE6-4EA2-8F38-780B627721ED"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "D0F14106-2A3D-4FC7-A0C7-6EDA75D1A8F7"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F8C2DA36-8419-4846-BFA0-A729BE7D72C5"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "8AA4FA3D-7A59-4597-9D79-B6B020D86BD1"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b6:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "79F0CF88-FF11-4741-AFF6-9F88F57C2140"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b7:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "8E93629E-C0CB-4636-B343-1C0646D8228E"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b8:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "58102464-E66F-49CD-8952-3F3F9A6A45CC"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b9:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9C98E509-8466-4F95-ABE7-7ECC91640E04"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A7B89F71-ABD2-4B2D-AE6B-C0F243E89443"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p10:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "002EF417-C702-42E2-9C8F-C9593B43AB03"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p11:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "B8E358A9-0430-4EF1-8557-7F1C088FFF48"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p12:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "4B0AF395-FDC7-4321-9E00-C935641C138B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p13:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "59B9CCED-806F-47EF-B5B6-441AADCB4B81"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p14:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "FAED2CD5-A2CE-438C-8ED7-338D9D61FBD9"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p15:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F08A96EF-FD2E-4D45-884B-349869649C3D"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p16:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "E80D718E-66B6-4FC6-911D-C264F2C891C9"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p17:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "174BF76A-00C5-4ECD-937D-FE66851D3979"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p18:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F43DBAE4-FEF9-431E-AE82-31C7944CA830"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p19:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "7AF612FF-7441-41C4-96C2-36A15E45FF93"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "960DF373-EDE6-4318-B6E9-07573ED5907A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p20:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "5FFBF793-48E0-48DB-9C12-1C4A5805009E"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p21:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "B6A2F0DB-CA73-4F14-8099-7A29BADC1F4E"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p22:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "5D23ECB8-9C2C-4BA5-ADD6-248FD2CFF37A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p23:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9958D126-EF50-4ED7-85A3-6E5120EFB931"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p24:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "5D9B3F5F-158A-4C43-A894-1A55D1D758FC"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p25:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "17729C6D-3DD1-4082-B3AF-B53770304F7B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p26:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "2E34014C-90A0-4ABB-A15F-73E83F312246"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p27:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "C0DCB95E-CC14-40BF-A7E4-1CD9075E2785"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p28:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "E1AA25FE-FA1B-4525-99B8-1098E75BDC5C"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p29:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "073ED1BF-B3FE-4CC4-A279-15981DBC0BE8"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "3144AABF-74CB-44EE-A618-8529A8ACFCF6"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p30:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "BA067A60-3B6A-4C3B-8934-E2725199EE39"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p31:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "DD42912A-092C-4FD9-9874-5B04989164C0"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p32:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "E26E5640-8396-4B9C-890F-E9598CEB08FB"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p33:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "82CBA4CB-FCEE-4D33-8127-944D914A8F5C"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p34:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "DE6414DD-DA34-4FE7-B976-A6898B454E60"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p35:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "0CB08010-2416-469D-8B27-212F28BF62EB"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p36:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "8F66346B-4A8A-4323-B197-B5D4D949FCEE"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p37:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "28117164-A991-4E38-825D-88D7B16EC3CB"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "88AC7AB0-40DF-44D1-83EA-FDD4D5346BBD"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "4285A4A3-3DED-456D-93D4-1B9FDB42C1EB"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p6:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "098FD286-B6CB-4428-9A62-A5F24B4D9E92"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p7:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "8400088B-E56E-4D0B-86D5-76D884C8031A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p8:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "29554684-FEFF-42B2-B62E-6523782F537C"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p9:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "91AE66E4-AE6B-4F25-9312-6418FC3E221F"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:-:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "8EC2C076-C4C6-4C9A-84FE-B47E835AA0E7"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A954DDB4-ACF5-4D74-B735-0BB14762457C"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F4E9D8E0-ECFF-4987-8189-F6A5917D39B6"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "7CDF16A7-E9BC-488B-A0DF-91B7F79C2D7A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "EF3C4AB5-966A-46CD-8774-7BD4115FC80B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "580C70A7-387E-4650-9DBA-D7AA0BFDB1BE"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b6:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "343C5CD6-48ED-4693-BC2A-549A43F02931"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b7:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "18F1E6EC-5866-4338-9772-92EB01E0A184"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b8:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "57C08697-674F-4924-A5A2-40F1E2BF2059"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:i1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "AB444D23-88E8-4AFE-9F1E-56AE4ADF7644"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "050E9020-9E83-4198-B550-F554686DCC36"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p10:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "5D3DFD03-89BF-433F-B14C-8B46AD5146F6"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p11:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "50D06254-A368-4DE1-8734-1DC49002FBB1"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p12:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "489B86C6-FDD3-4569-B330-86CF51B533B0"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p13:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "50456E0E-0597-4E90-9BFC-1384800ED073"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p14:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "0A7E61FE-E2B2-434F-8DFB-BF6AB78B8DE9"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p15:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "D5FDDC0D-52AA-419C-84CF-48B608B976E3"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p16:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "DC948630-1F71-4441-B842-29974C2D4C1B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p17:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "05518D94-0376-4B0C-AE53-74C54DBD6A10"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "E9F4C18C-D62E-47F5-A309-D0BC9CFB990C"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "DAFBA752-75C7-4514-AC75-CE7D78AE9F96"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "57BA8394-7755-45E0-8B4D-B37A8A5B5DB8"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "D6A02DB9-71F6-429F-A084-D811AD016CBA"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://checkmk.com/werk/16273",
|
||||
"source": "security@checkmk.com"
|
||||
"source": "security@checkmk.com",
|
||||
"tags": [
|
||||
"Patch",
|
||||
"Vendor Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-6740",
|
||||
"sourceIdentifier": "security@checkmk.com",
|
||||
"published": "2024-01-12T08:15:43.920",
|
||||
"lastModified": "2024-01-12T14:15:49.173",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2024-01-19T02:12:08.587",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -16,6 +16,26 @@
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "LOCAL",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 7.8,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 1.8,
|
||||
"impactScore": 5.9
|
||||
},
|
||||
{
|
||||
"source": "security@checkmk.com",
|
||||
"type": "Secondary",
|
||||
@ -39,6 +59,16 @@
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-269"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"source": "security@checkmk.com",
|
||||
"type": "Secondary",
|
||||
@ -50,10 +80,617 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:*:*:*:*:*:*:*:*",
|
||||
"versionEndIncluding": "2.0.0",
|
||||
"matchCriteriaId": "8AF09C00-1AEF-4502-8C7B-3B68F2C35D34"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "7AE78B5E-2D00-462B-AC0E-5E68BC36ED1B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9D69AA9A-C6FF-4A9F-8B02-2F207C4150FD"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "452F359B-BCB5-46E0-A77A-383C3C2E2D60"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "D9A66C28-A2BA-4091-AB4C-05CDB1D3777F"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "463A4A68-810B-4C20-A696-4F94DB20224B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b6:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F4459581-214F-423B-A29D-31C789FD7F1C"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b7:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "CC0CFABC-A53C-4FD3-A57A-CB72C87A034B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b8:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F96B08FA-8129-4880-86FE-47B08C2B6964"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:i1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "CAEB960C-5A5E-4F7C-8588-3F6737AE5DCA"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "3CB134CD-0746-47C8-BAB8-2AE9C083C4D2"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p10:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "E4B5DDAA-F7B5-4BFD-836E-F7DA0FC7B0C3"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p11:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A4DA5440-F376-4952-ABCB-AC557C5944A9"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p12:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "DB7DB93B-CDD2-4662-893B-6E36F9EDA7FF"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p13:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "81DFD64A-FEFD-4EBA-B6EC-28D3F0EEC33B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p14:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "918ACC6A-2EE8-401F-B18A-94B8757B202E"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p15:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "1B6AE143-5A29-4EE8-AF7D-5D495A2248D0"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p16:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9B678D96-5987-4423-A713-57812B896380"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p17:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A16EA6BD-003D-416E-B6C7-EBE5AA4AC2B5"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p18:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "7A016627-9BF2-4D25-AB97-172EAEC4C187"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p19:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "333FBE01-E5C1-4668-B50F-B64A34E799A8"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "FE7C4821-74F2-442C-B51F-A52788FC61F4"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p20:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "168E2F68-E3EA-407F-8DCE-BDB1F557FFFA"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p21:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "D7A74CB5-CC6E-4166-B884-498F2CF1A33E"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p22:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "42DCB139-5BBE-45F3-80F5-3A43D95A58BB"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p23:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "1A3E3E6C-DCC0-466D-A505-5F80379CF0AB"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p24:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "1542CDC8-9697-44DE-8F6A-3EB25D07EEE9"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p25:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "1A5B33FF-EA21-4AEB-8D9A-21DA9DB5892A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p26:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "78616E5A-E1FF-40AA-8E13-0B2E84CE6F8F"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p27:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "5D956394-C3F3-4C88-A791-364AE555D522"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p28:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "25E96088-0FA2-49FD-B93D-5AFC9605289E"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p29:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "EDB60B12-F724-40C7-8EB2-1270484E88F6"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "1982ED3B-A0FA-476A-BFB2-5B7B53289496"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p30:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F646D243-433E-46F9-9E8E-E4F734F9E648"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p31:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "D1C14080-79C9-4620-AD1F-6CB46F0F74D0"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p32:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "4AECE1FE-F3D1-4FF0-BDF9-F39FFCBF52E0"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p33:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "C2F79F99-5F46-48A7-BEE7-1551CD56C2F7"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p34:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "2EB6F9D4-13D2-4218-96EF-64C2126369DC"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p35:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "62841559-BDA0-4B67-932A-007D91BFBD14"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p36:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F6F22F4E-4A8A-4A7B-A01A-50E9BEA019DA"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p37:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "C1467012-F4CD-4547-A761-50B5F478A055"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p38:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "200EE0FA-D641-4612-8048-3B00997CBB42"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "AA60BF44-AF52-458A-BD3F-9FD5D8408575"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9BFE55DC-89EA-404F-8DDF-93E351366789"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p6:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "C62D8997-DD3B-4B83-B6A5-DFC2408A9164"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p7:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "80B4A77F-F636-49BB-8CB6-60064984463F"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p8:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "356E5744-AB8E-4FBA-992F-74ED8F9086CE"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p9:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "41FB6FFA-F38F-4754-A1E6-35073D84069E"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:-:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "BC0AC5A2-3724-4942-ABE2-CA9F3B9B4BDA"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "E3AAC1AD-C2F5-4171-BD92-95A8BA09E79A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "8CB8C4BB-4AE6-4EA2-8F38-780B627721ED"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "D0F14106-2A3D-4FC7-A0C7-6EDA75D1A8F7"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F8C2DA36-8419-4846-BFA0-A729BE7D72C5"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "8AA4FA3D-7A59-4597-9D79-B6B020D86BD1"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b6:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "79F0CF88-FF11-4741-AFF6-9F88F57C2140"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b7:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "8E93629E-C0CB-4636-B343-1C0646D8228E"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b8:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "58102464-E66F-49CD-8952-3F3F9A6A45CC"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b9:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9C98E509-8466-4F95-ABE7-7ECC91640E04"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A7B89F71-ABD2-4B2D-AE6B-C0F243E89443"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p10:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "002EF417-C702-42E2-9C8F-C9593B43AB03"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p11:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "B8E358A9-0430-4EF1-8557-7F1C088FFF48"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p12:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "4B0AF395-FDC7-4321-9E00-C935641C138B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p13:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "59B9CCED-806F-47EF-B5B6-441AADCB4B81"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p14:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "FAED2CD5-A2CE-438C-8ED7-338D9D61FBD9"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p15:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F08A96EF-FD2E-4D45-884B-349869649C3D"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p16:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "E80D718E-66B6-4FC6-911D-C264F2C891C9"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p17:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "174BF76A-00C5-4ECD-937D-FE66851D3979"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p18:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F43DBAE4-FEF9-431E-AE82-31C7944CA830"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p19:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "7AF612FF-7441-41C4-96C2-36A15E45FF93"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "960DF373-EDE6-4318-B6E9-07573ED5907A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p20:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "5FFBF793-48E0-48DB-9C12-1C4A5805009E"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p21:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "B6A2F0DB-CA73-4F14-8099-7A29BADC1F4E"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p22:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "5D23ECB8-9C2C-4BA5-ADD6-248FD2CFF37A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p23:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9958D126-EF50-4ED7-85A3-6E5120EFB931"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p24:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "5D9B3F5F-158A-4C43-A894-1A55D1D758FC"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p25:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "17729C6D-3DD1-4082-B3AF-B53770304F7B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p26:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "2E34014C-90A0-4ABB-A15F-73E83F312246"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p27:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "C0DCB95E-CC14-40BF-A7E4-1CD9075E2785"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p28:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "E1AA25FE-FA1B-4525-99B8-1098E75BDC5C"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p29:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "073ED1BF-B3FE-4CC4-A279-15981DBC0BE8"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "3144AABF-74CB-44EE-A618-8529A8ACFCF6"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p30:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "BA067A60-3B6A-4C3B-8934-E2725199EE39"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p31:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "DD42912A-092C-4FD9-9874-5B04989164C0"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p32:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "E26E5640-8396-4B9C-890F-E9598CEB08FB"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p33:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "82CBA4CB-FCEE-4D33-8127-944D914A8F5C"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p34:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "DE6414DD-DA34-4FE7-B976-A6898B454E60"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p35:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "0CB08010-2416-469D-8B27-212F28BF62EB"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p36:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "8F66346B-4A8A-4323-B197-B5D4D949FCEE"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p37:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "28117164-A991-4E38-825D-88D7B16EC3CB"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "88AC7AB0-40DF-44D1-83EA-FDD4D5346BBD"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "4285A4A3-3DED-456D-93D4-1B9FDB42C1EB"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p6:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "098FD286-B6CB-4428-9A62-A5F24B4D9E92"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p7:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "8400088B-E56E-4D0B-86D5-76D884C8031A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p8:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "29554684-FEFF-42B2-B62E-6523782F537C"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p9:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "91AE66E4-AE6B-4F25-9312-6418FC3E221F"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:-:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "8EC2C076-C4C6-4C9A-84FE-B47E835AA0E7"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A954DDB4-ACF5-4D74-B735-0BB14762457C"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F4E9D8E0-ECFF-4987-8189-F6A5917D39B6"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "7CDF16A7-E9BC-488B-A0DF-91B7F79C2D7A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "EF3C4AB5-966A-46CD-8774-7BD4115FC80B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "580C70A7-387E-4650-9DBA-D7AA0BFDB1BE"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b6:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "343C5CD6-48ED-4693-BC2A-549A43F02931"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b7:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "18F1E6EC-5866-4338-9772-92EB01E0A184"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b8:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "57C08697-674F-4924-A5A2-40F1E2BF2059"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:i1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "AB444D23-88E8-4AFE-9F1E-56AE4ADF7644"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "050E9020-9E83-4198-B550-F554686DCC36"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p10:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "5D3DFD03-89BF-433F-B14C-8B46AD5146F6"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p11:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "50D06254-A368-4DE1-8734-1DC49002FBB1"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p12:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "489B86C6-FDD3-4569-B330-86CF51B533B0"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p13:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "50456E0E-0597-4E90-9BFC-1384800ED073"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p14:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "0A7E61FE-E2B2-434F-8DFB-BF6AB78B8DE9"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p15:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "D5FDDC0D-52AA-419C-84CF-48B608B976E3"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p16:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "DC948630-1F71-4441-B842-29974C2D4C1B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p17:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "05518D94-0376-4B0C-AE53-74C54DBD6A10"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "E9F4C18C-D62E-47F5-A309-D0BC9CFB990C"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "DAFBA752-75C7-4514-AC75-CE7D78AE9F96"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "57BA8394-7755-45E0-8B4D-B37A8A5B5DB8"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "D6A02DB9-71F6-429F-A084-D811AD016CBA"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://checkmk.com/werk/16163",
|
||||
"source": "security@checkmk.com"
|
||||
"source": "security@checkmk.com",
|
||||
"tags": [
|
||||
"Patch",
|
||||
"Vendor Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,16 +2,40 @@
|
||||
"id": "CVE-2024-0503",
|
||||
"sourceIdentifier": "cna@vuldb.com",
|
||||
"published": "2024-01-13T21:15:07.923",
|
||||
"lastModified": "2024-01-14T21:42:17.123",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2024-01-19T01:56:50.973",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A vulnerability was found in code-projects Online FIR System 1.0. It has been classified as problematic. This affects an unknown part of the file registercomplaint.php. The manipulation of the argument Name/Address leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250611."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se encontr\u00f3 una vulnerabilidad en code-projects Online FIR System 1.0. Ha sido clasificada como problem\u00e1tica. Esto afecta a una parte desconocida del archivo Registercomplaint.php. La manipulaci\u00f3n del argumento Name/Address conduce a cross site scripting. Es posible iniciar el ataque de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-250611."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 6.1,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 2.7
|
||||
},
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
@ -71,18 +95,47 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:sherlock:online_fir_system:1.0:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "28E4C2C3-3C4D-4E5A-858E-4D32672CC615"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://drive.google.com/file/d/1n9Zas-iSOfKVMN3UzPyVGgQgCmig2A5I/view?usp=sharing",
|
||||
"source": "cna@vuldb.com"
|
||||
"source": "cna@vuldb.com",
|
||||
"tags": [
|
||||
"Exploit",
|
||||
"Third Party Advisory"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://vuldb.com/?ctiid.250611",
|
||||
"source": "cna@vuldb.com"
|
||||
"source": "cna@vuldb.com",
|
||||
"tags": [
|
||||
"Permissions Required",
|
||||
"Third Party Advisory"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://vuldb.com/?id.250611",
|
||||
"source": "cna@vuldb.com"
|
||||
"source": "cna@vuldb.com",
|
||||
"tags": [
|
||||
"Permissions Required",
|
||||
"Third Party Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,12 +2,20 @@
|
||||
"id": "CVE-2024-0519",
|
||||
"sourceIdentifier": "chrome-cve-admin@google.com",
|
||||
"published": "2024-01-16T22:15:37.753",
|
||||
"lastModified": "2024-01-16T23:12:38.473",
|
||||
"lastModified": "2024-01-19T02:00:01.863",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cisaExploitAdd": "2024-01-17",
|
||||
"cisaActionDue": "2024-02-07",
|
||||
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
|
||||
"cisaVulnerabilityName": "Google Chromium V8 Out-of-Bounds Memory Access Vulnerability",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El acceso a memoria fuera de los l\u00edmites en V8 en Google Chrome anterior a 120.0.6099.224 permit\u00eda a un atacante remoto explotar potencialmente la corrupci\u00f3n del mont\u00f3n a trav\u00e9s de una p\u00e1gina HTML manipulada. (Severidad de seguridad de Chrome: alta)"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2024-0693",
|
||||
"sourceIdentifier": "cna@vuldb.com",
|
||||
"published": "2024-01-18T23:15:08.493",
|
||||
"lastModified": "2024-01-18T23:15:08.493",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2024-0695",
|
||||
"sourceIdentifier": "cna@vuldb.com",
|
||||
"published": "2024-01-18T23:15:08.720",
|
||||
"lastModified": "2024-01-18T23:15:08.720",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2024-0696",
|
||||
"sourceIdentifier": "cna@vuldb.com",
|
||||
"published": "2024-01-18T23:15:08.940",
|
||||
"lastModified": "2024-01-18T23:15:08.940",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,16 +2,20 @@
|
||||
"id": "CVE-2024-21887",
|
||||
"sourceIdentifier": "support@hackerone.com",
|
||||
"published": "2024-01-12T17:15:10.017",
|
||||
"lastModified": "2024-01-13T02:00:00.970",
|
||||
"lastModified": "2024-01-19T02:00:01.863",
|
||||
"vulnStatus": "Analyzed",
|
||||
"cisaExploitAdd": "2024-01-10",
|
||||
"cisaActionDue": "2024-01-31",
|
||||
"cisaActionDue": "2024-01-22",
|
||||
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
|
||||
"cisaVulnerabilityName": "Ivanti Connect Secure and Policy Secure Command Injection Vulnerability",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Una vulnerabilidad de inyecci\u00f3n de comandos en componentes web de Ivanti Connect Secure (9.x, 22.x) e Ivanti Policy Secure (9.x, 22.x) permite a un administrador autenticado enviar solicitudes especialmente manipuladas y ejecutar comandos arbitrarios en el dispositivo."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2024-22213",
|
||||
"sourceIdentifier": "security-advisories@github.com",
|
||||
"published": "2024-01-18T20:15:08.113",
|
||||
"lastModified": "2024-01-18T20:15:08.113",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2024-22400",
|
||||
"sourceIdentifier": "security-advisories@github.com",
|
||||
"published": "2024-01-18T20:15:08.360",
|
||||
"lastModified": "2024-01-18T20:15:08.360",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2024-22401",
|
||||
"sourceIdentifier": "security-advisories@github.com",
|
||||
"published": "2024-01-18T21:15:08.343",
|
||||
"lastModified": "2024-01-18T21:15:08.343",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2024-22402",
|
||||
"sourceIdentifier": "security-advisories@github.com",
|
||||
"published": "2024-01-18T21:15:08.590",
|
||||
"lastModified": "2024-01-18T21:15:08.590",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2024-22403",
|
||||
"sourceIdentifier": "security-advisories@github.com",
|
||||
"published": "2024-01-18T20:15:08.610",
|
||||
"lastModified": "2024-01-18T20:15:08.610",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2024-22404",
|
||||
"sourceIdentifier": "security-advisories@github.com",
|
||||
"published": "2024-01-18T21:15:08.830",
|
||||
"lastModified": "2024-01-18T21:15:08.830",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2024-22415",
|
||||
"sourceIdentifier": "security-advisories@github.com",
|
||||
"published": "2024-01-18T21:15:09.087",
|
||||
"lastModified": "2024-01-18T21:15:09.087",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2024-22418",
|
||||
"sourceIdentifier": "security-advisories@github.com",
|
||||
"published": "2024-01-18T21:15:09.323",
|
||||
"lastModified": "2024-01-18T21:15:09.323",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
59
CVE-2024/CVE-2024-224xx/CVE-2024-22422.json
Normal file
59
CVE-2024/CVE-2024-224xx/CVE-2024-22422.json
Normal file
@ -0,0 +1,59 @@
|
||||
{
|
||||
"id": "CVE-2024-22422",
|
||||
"sourceIdentifier": "security-advisories@github.com",
|
||||
"published": "2024-01-19T01:15:09.123",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "AnythingLLM is an application that turns any document, resource, or piece of content into context that any LLM can use as references during chatting. In versions prior to commit `08d33cfd8` an unauthenticated API route (file export) can allow attacker to crash the server resulting in a denial of service attack. The \u201cdata-export\u201d endpoint is used to export files using the filename parameter as user input. The endpoint takes the user input, filters it to avoid directory traversal attacks, fetches the file from the server, and afterwards deletes it. An attacker can trick the input filter mechanism to point to the current directory, and while attempting to delete it the server will crash as there is no error-handling wrapper around it. Moreover, the endpoint is public and does not require any form of authentication, resulting in an unauthenticated Denial of Service issue, which crashes the instance using a single HTTP packet. This issue has been addressed in commit `08d33cfd8`. Users are advised to upgrade. There are no known workarounds for this vulnerability."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "security-advisories@github.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 7.5,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 3.6
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "security-advisories@github.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-754"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://github.com/Mintplex-Labs/anything-llm/commit/08d33cfd8fc47c5052b6ea29597c964a9da641e2",
|
||||
"source": "security-advisories@github.com"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/Mintplex-Labs/anything-llm/security/advisories/GHSA-xmj6-g32r-fc5q",
|
||||
"source": "security-advisories@github.com"
|
||||
}
|
||||
]
|
||||
}
|
63
CVE-2024/CVE-2024-224xx/CVE-2024-22424.json
Normal file
63
CVE-2024/CVE-2024-224xx/CVE-2024-22424.json
Normal file
@ -0,0 +1,63 @@
|
||||
{
|
||||
"id": "CVE-2024-22424",
|
||||
"sourceIdentifier": "security-advisories@github.com",
|
||||
"published": "2024-01-19T01:15:09.317",
|
||||
"lastModified": "2024-01-19T01:51:14.027",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The Argo CD API prior to versions 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15 are vulnerable to a cross-server request forgery (CSRF) attack when the attacker has the ability to write HTML to a page on the same parent domain as Argo CD. A CSRF attack works by tricking an authenticated Argo CD user into loading a web page which contains code to call Argo CD API endpoints on the victim\u2019s behalf. For example, an attacker could send an Argo CD user a link to a page which looks harmless but in the background calls an Argo CD API endpoint to create an application running malicious code. Argo CD uses the \u201cLax\u201d SameSite cookie policy to prevent CSRF attacks where the attacker controls an external domain. The malicious external website can attempt to call the Argo CD API, but the web browser will refuse to send the Argo CD auth token with the request. Many companies host Argo CD on an internal subdomain. If an attacker can place malicious code on, for example, https://test.internal.example.com/, they can still perform a CSRF attack. In this case, the \u201cLax\u201d SameSite cookie does not prevent the browser from sending the auth cookie, because the destination is a parent domain of the Argo CD API. Browsers generally block such attacks by applying CORS policies to sensitive requests with sensitive content types. Specifically, browsers will send a \u201cpreflight request\u201d for POSTs with content type \u201capplication/json\u201d asking the destination API \u201care you allowed to accept requests from my domain?\u201d If the destination API does not answer \u201cyes,\u201d the browser will block the request. Before the patched versions, Argo CD did not validate that requests contained the correct content type header. So an attacker could bypass the browser\u2019s CORS check by setting the content type to something which is considered \u201cnot sensitive\u201d such as \u201ctext/plain.\u201d The browser wouldn\u2019t send the preflight request, and Argo CD would happily accept the contents (which are actually still JSON) and perform the requested action (such as running malicious code). A patch for this vulnerability has been released in the following Argo CD versions: 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15. The patch contains a breaking API change. The Argo CD API will no longer accept non-GET requests which do not specify application/json as their Content-Type. The accepted content types list is configurable, and it is possible (but discouraged) to disable the content type check completely. Users are advised to upgrade. There are no known workarounds for this vulnerability."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "security-advisories@github.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "HIGH",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 8.3,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 1.6,
|
||||
"impactScore": 6.0
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "security-advisories@github.com",
|
||||
"type": "Secondary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-352"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://github.com/argoproj/argo-cd/issues/2496",
|
||||
"source": "security-advisories@github.com"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/argoproj/argo-cd/pull/16860",
|
||||
"source": "security-advisories@github.com"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-92mw-q256-5vwg",
|
||||
"source": "security-advisories@github.com"
|
||||
}
|
||||
]
|
||||
}
|
73
README.md
73
README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
|
||||
### Last Repository Update
|
||||
|
||||
```plain
|
||||
2024-01-19T00:55:24.754098+00:00
|
||||
2024-01-19T03:00:24.915278+00:00
|
||||
```
|
||||
|
||||
### Most recent CVE Modification Timestamp synchronized with NVD
|
||||
|
||||
```plain
|
||||
2024-01-19T00:15:20.457000+00:00
|
||||
2024-01-19T02:15:07.970000+00:00
|
||||
```
|
||||
|
||||
### Last Data Feed Release
|
||||
@ -23,53 +23,58 @@ Repository synchronizes with the NVD every 2 hours.
|
||||
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
|
||||
|
||||
```plain
|
||||
2024-01-18T01:00:28.234621+00:00
|
||||
2024-01-19T01:00:28.268681+00:00
|
||||
```
|
||||
|
||||
### Total Number of included CVEs
|
||||
|
||||
```plain
|
||||
236346
|
||||
236354
|
||||
```
|
||||
|
||||
### CVEs added in the last Commit
|
||||
|
||||
Recently added CVEs: `3`
|
||||
Recently added CVEs: `8`
|
||||
|
||||
* [CVE-2024-0693](CVE-2024/CVE-2024-06xx/CVE-2024-0693.json) (`2024-01-18T23:15:08.493`)
|
||||
* [CVE-2024-0695](CVE-2024/CVE-2024-06xx/CVE-2024-0695.json) (`2024-01-18T23:15:08.720`)
|
||||
* [CVE-2024-0696](CVE-2024/CVE-2024-06xx/CVE-2024-0696.json) (`2024-01-18T23:15:08.940`)
|
||||
* [CVE-2023-35020](CVE-2023/CVE-2023-350xx/CVE-2023-35020.json) (`2024-01-19T01:15:08.347`)
|
||||
* [CVE-2023-38738](CVE-2023/CVE-2023-387xx/CVE-2023-38738.json) (`2024-01-19T01:15:08.717`)
|
||||
* [CVE-2023-40683](CVE-2023/CVE-2023-406xx/CVE-2023-40683.json) (`2024-01-19T01:15:08.910`)
|
||||
* [CVE-2023-32337](CVE-2023/CVE-2023-323xx/CVE-2023-32337.json) (`2024-01-19T02:15:07.537`)
|
||||
* [CVE-2023-47718](CVE-2023/CVE-2023-477xx/CVE-2023-47718.json) (`2024-01-19T02:15:07.757`)
|
||||
* [CVE-2023-50963](CVE-2023/CVE-2023-509xx/CVE-2023-50963.json) (`2024-01-19T02:15:07.970`)
|
||||
* [CVE-2024-22422](CVE-2024/CVE-2024-224xx/CVE-2024-22422.json) (`2024-01-19T01:15:09.123`)
|
||||
* [CVE-2024-22424](CVE-2024/CVE-2024-224xx/CVE-2024-22424.json) (`2024-01-19T01:15:09.317`)
|
||||
|
||||
|
||||
### CVEs modified in the last Commit
|
||||
|
||||
Recently modified CVEs: `121`
|
||||
Recently modified CVEs: `42`
|
||||
|
||||
* [CVE-2020-1561](CVE-2020/CVE-2020-15xx/CVE-2020-1561.json) (`2024-01-19T00:15:18.337`)
|
||||
* [CVE-2020-1562](CVE-2020/CVE-2020-15xx/CVE-2020-1562.json) (`2024-01-19T00:15:18.403`)
|
||||
* [CVE-2020-1563](CVE-2020/CVE-2020-15xx/CVE-2020-1563.json) (`2024-01-19T00:15:18.480`)
|
||||
* [CVE-2020-1564](CVE-2020/CVE-2020-15xx/CVE-2020-1564.json) (`2024-01-19T00:15:18.560`)
|
||||
* [CVE-2020-1565](CVE-2020/CVE-2020-15xx/CVE-2020-1565.json) (`2024-01-19T00:15:18.637`)
|
||||
* [CVE-2020-1566](CVE-2020/CVE-2020-15xx/CVE-2020-1566.json) (`2024-01-19T00:15:18.730`)
|
||||
* [CVE-2020-1567](CVE-2020/CVE-2020-15xx/CVE-2020-1567.json) (`2024-01-19T00:15:18.873`)
|
||||
* [CVE-2020-1568](CVE-2020/CVE-2020-15xx/CVE-2020-1568.json) (`2024-01-19T00:15:18.990`)
|
||||
* [CVE-2020-1569](CVE-2020/CVE-2020-15xx/CVE-2020-1569.json) (`2024-01-19T00:15:19.090`)
|
||||
* [CVE-2020-1570](CVE-2020/CVE-2020-15xx/CVE-2020-1570.json) (`2024-01-19T00:15:19.187`)
|
||||
* [CVE-2020-1571](CVE-2020/CVE-2020-15xx/CVE-2020-1571.json) (`2024-01-19T00:15:19.257`)
|
||||
* [CVE-2020-1573](CVE-2020/CVE-2020-15xx/CVE-2020-1573.json) (`2024-01-19T00:15:19.350`)
|
||||
* [CVE-2020-1574](CVE-2020/CVE-2020-15xx/CVE-2020-1574.json) (`2024-01-19T00:15:19.437`)
|
||||
* [CVE-2020-1577](CVE-2020/CVE-2020-15xx/CVE-2020-1577.json) (`2024-01-19T00:15:19.527`)
|
||||
* [CVE-2020-1578](CVE-2020/CVE-2020-15xx/CVE-2020-1578.json) (`2024-01-19T00:15:19.627`)
|
||||
* [CVE-2020-1579](CVE-2020/CVE-2020-15xx/CVE-2020-1579.json) (`2024-01-19T00:15:19.697`)
|
||||
* [CVE-2020-1580](CVE-2020/CVE-2020-15xx/CVE-2020-1580.json) (`2024-01-19T00:15:19.770`)
|
||||
* [CVE-2020-1581](CVE-2020/CVE-2020-15xx/CVE-2020-1581.json) (`2024-01-19T00:15:19.847`)
|
||||
* [CVE-2020-1582](CVE-2020/CVE-2020-15xx/CVE-2020-1582.json) (`2024-01-19T00:15:19.910`)
|
||||
* [CVE-2020-1583](CVE-2020/CVE-2020-15xx/CVE-2020-1583.json) (`2024-01-19T00:15:20.010`)
|
||||
* [CVE-2020-1584](CVE-2020/CVE-2020-15xx/CVE-2020-1584.json) (`2024-01-19T00:15:20.120`)
|
||||
* [CVE-2020-1585](CVE-2020/CVE-2020-15xx/CVE-2020-1585.json) (`2024-01-19T00:15:20.223`)
|
||||
* [CVE-2020-1587](CVE-2020/CVE-2020-15xx/CVE-2020-1587.json) (`2024-01-19T00:15:20.300`)
|
||||
* [CVE-2020-1591](CVE-2020/CVE-2020-15xx/CVE-2020-1591.json) (`2024-01-19T00:15:20.377`)
|
||||
* [CVE-2020-1597](CVE-2020/CVE-2020-15xx/CVE-2020-1597.json) (`2024-01-19T00:15:20.457`)
|
||||
* [CVE-2023-46805](CVE-2023/CVE-2023-468xx/CVE-2023-46805.json) (`2024-01-19T02:00:01.863`)
|
||||
* [CVE-2023-6548](CVE-2023/CVE-2023-65xx/CVE-2023-6548.json) (`2024-01-19T02:00:01.863`)
|
||||
* [CVE-2023-6549](CVE-2023/CVE-2023-65xx/CVE-2023-6549.json) (`2024-01-19T02:00:01.863`)
|
||||
* [CVE-2023-31211](CVE-2023/CVE-2023-312xx/CVE-2023-31211.json) (`2024-01-19T02:09:26.650`)
|
||||
* [CVE-2023-40362](CVE-2023/CVE-2023-403xx/CVE-2023-40362.json) (`2024-01-19T02:09:45.820`)
|
||||
* [CVE-2023-50919](CVE-2023/CVE-2023-509xx/CVE-2023-50919.json) (`2024-01-19T02:10:22.870`)
|
||||
* [CVE-2023-50920](CVE-2023/CVE-2023-509xx/CVE-2023-50920.json) (`2024-01-19T02:11:15.010`)
|
||||
* [CVE-2023-49262](CVE-2023/CVE-2023-492xx/CVE-2023-49262.json) (`2024-01-19T02:11:40.757`)
|
||||
* [CVE-2023-49255](CVE-2023/CVE-2023-492xx/CVE-2023-49255.json) (`2024-01-19T02:11:57.800`)
|
||||
* [CVE-2023-6740](CVE-2023/CVE-2023-67xx/CVE-2023-6740.json) (`2024-01-19T02:12:08.587`)
|
||||
* [CVE-2023-6735](CVE-2023/CVE-2023-67xx/CVE-2023-6735.json) (`2024-01-19T02:12:18.367`)
|
||||
* [CVE-2024-22213](CVE-2024/CVE-2024-222xx/CVE-2024-22213.json) (`2024-01-19T01:51:14.027`)
|
||||
* [CVE-2024-22400](CVE-2024/CVE-2024-224xx/CVE-2024-22400.json) (`2024-01-19T01:51:14.027`)
|
||||
* [CVE-2024-22403](CVE-2024/CVE-2024-224xx/CVE-2024-22403.json) (`2024-01-19T01:51:14.027`)
|
||||
* [CVE-2024-22401](CVE-2024/CVE-2024-224xx/CVE-2024-22401.json) (`2024-01-19T01:51:14.027`)
|
||||
* [CVE-2024-22402](CVE-2024/CVE-2024-224xx/CVE-2024-22402.json) (`2024-01-19T01:51:14.027`)
|
||||
* [CVE-2024-22404](CVE-2024/CVE-2024-224xx/CVE-2024-22404.json) (`2024-01-19T01:51:14.027`)
|
||||
* [CVE-2024-22415](CVE-2024/CVE-2024-224xx/CVE-2024-22415.json) (`2024-01-19T01:51:14.027`)
|
||||
* [CVE-2024-22418](CVE-2024/CVE-2024-224xx/CVE-2024-22418.json) (`2024-01-19T01:51:14.027`)
|
||||
* [CVE-2024-0693](CVE-2024/CVE-2024-06xx/CVE-2024-0693.json) (`2024-01-19T01:51:14.027`)
|
||||
* [CVE-2024-0695](CVE-2024/CVE-2024-06xx/CVE-2024-0695.json) (`2024-01-19T01:51:14.027`)
|
||||
* [CVE-2024-0696](CVE-2024/CVE-2024-06xx/CVE-2024-0696.json) (`2024-01-19T01:51:14.027`)
|
||||
* [CVE-2024-0503](CVE-2024/CVE-2024-05xx/CVE-2024-0503.json) (`2024-01-19T01:56:50.973`)
|
||||
* [CVE-2024-21887](CVE-2024/CVE-2024-218xx/CVE-2024-21887.json) (`2024-01-19T02:00:01.863`)
|
||||
* [CVE-2024-0519](CVE-2024/CVE-2024-05xx/CVE-2024-0519.json) (`2024-01-19T02:00:01.863`)
|
||||
|
||||
|
||||
## Download and Usage
|
||||
|
Loading…
x
Reference in New Issue
Block a user