diff --git a/CVE-2020/CVE-2020-184xx/CVE-2020-18414.json b/CVE-2020/CVE-2020-184xx/CVE-2020-18414.json index 7ec7a8b426d..b87ea694c79 100644 --- a/CVE-2020/CVE-2020-184xx/CVE-2020-18414.json +++ b/CVE-2020/CVE-2020-184xx/CVE-2020-18414.json @@ -2,19 +2,76 @@ "id": "CVE-2020-18414", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-27T21:15:15.763", - "lastModified": "2023-06-28T12:34:43.903", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:46:27.213", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Stored cross site scripting (XSS) vulnerability in Chaoji CMS v2.18 that allows attackers to execute arbitrary code via /index.php?admin-master-webset." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:chaoji_cms_project:chaoji_cms:2.18:*:*:*:*:*:*:*", + "matchCriteriaId": "DA483300-3FE3-4249-AC6D-C38BD441A68E" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/GodEpic/chaojicms/issues/3", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2020/CVE-2020-234xx/CVE-2020-23452.json b/CVE-2020/CVE-2020-234xx/CVE-2020-23452.json new file mode 100644 index 00000000000..0ecc0d93beb --- /dev/null +++ b/CVE-2020/CVE-2020-234xx/CVE-2020-23452.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-23452", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-05T18:15:09.750", + "lastModified": "2023-07-05T18:15:09.750", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A cross-site scripting (XSS) vulnerability in Selenium Grid v3.141.59 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the hub parameter under the /grid/console page." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/SeleniumHQ/selenium/issues/8259", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-302xx/CVE-2021-30203.json b/CVE-2021/CVE-2021-302xx/CVE-2021-30203.json index 9cdb0e695de..0bdb55ff722 100644 --- a/CVE-2021/CVE-2021-302xx/CVE-2021-30203.json +++ b/CVE-2021/CVE-2021-302xx/CVE-2021-30203.json @@ -2,19 +2,75 @@ "id": "CVE-2021-30203", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-27T14:15:09.667", - "lastModified": "2023-06-27T16:15:38.897", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T19:50:58.443", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A reflected cross-site scripting (XSS) vulnerability in the zero parameter of dzzoffice 2.02.1_SC_UTF8 allows attackers to execute arbitrary web scripts or HTML." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dzzoffice:dzzoffice:2.02.1:*:*:*:*:*:*:*", + "matchCriteriaId": "0ECA901D-850D-468C-B516-01F29417313D" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/zyx0814/dzzoffice/issues/183", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-442xx/CVE-2022-44276.json b/CVE-2022/CVE-2022-442xx/CVE-2022-44276.json index 270dd7a30b7..7214c32218d 100644 --- a/CVE-2022/CVE-2022-442xx/CVE-2022-44276.json +++ b/CVE-2022/CVE-2022-442xx/CVE-2022-44276.json @@ -2,19 +2,76 @@ "id": "CVE-2022-44276", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-28T15:15:09.323", - "lastModified": "2023-06-28T15:25:19.233", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:51:03.210", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In Responsive Filemanager < 9.12.0, an attacker can bypass upload restrictions resulting in RCE." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tecrail:responsive_filemanager:*:*:*:*:*:*:*:*", + "versionEndExcluding": "9.12.0", + "matchCriteriaId": "FD1D1311-57CB-40F1-869D-7C4B789B1A02" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/HerrLeStrate/CVE-2022-44276-PoC", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-480xx/CVE-2022-48073.json b/CVE-2022/CVE-2022-480xx/CVE-2022-48073.json index 673e53e0dc5..66590796e90 100644 --- a/CVE-2022/CVE-2022-480xx/CVE-2022-48073.json +++ b/CVE-2022/CVE-2022-480xx/CVE-2022-48073.json @@ -2,12 +2,12 @@ "id": "CVE-2022-48073", "sourceIdentifier": "cve@mitre.org", "published": "2023-01-27T15:15:10.673", - "lastModified": "2023-02-04T01:57:42.277", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-05T18:15:09.857", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext." + "value": "Phicomm K2G v22.6.3.20 was discovered to store the root and admin passwords in plaintext." } ], "metrics": { @@ -76,6 +76,10 @@ } ], "references": [ + { + "url": "https://befitting-vinca-933.notion.site/Phicomm-K2-v22-6-534-263-Sensitive-Information-Disclosure-Vulnerability-530d2415593a400099451d9f0dd7371a", + "source": "cve@mitre.org" + }, { "url": "https://befitting-vinca-933.notion.site/Phicomm-K2G-v22-6-3-20-Sensitive-Information-Disclosure-Vulnerability-8649a75a7ea7455583294e7447145cc6", "source": "cve@mitre.org", diff --git a/CVE-2023/CVE-2023-18xx/CVE-2023-1844.json b/CVE-2023/CVE-2023-18xx/CVE-2023-1844.json index d7519276508..93051dc4e38 100644 --- a/CVE-2023/CVE-2023-18xx/CVE-2023-1844.json +++ b/CVE-2023/CVE-2023-18xx/CVE-2023-1844.json @@ -2,8 +2,8 @@ "id": "CVE-2023-1844", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-28T03:15:09.140", - "lastModified": "2023-06-28T12:34:43.903", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:38:05.483", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -50,18 +50,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:subscribe2_project:subscribe2:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "10.40", + "matchCriteriaId": "34325F77-97FF-4F8E-AA88-30E2B687950B" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/subscribe2/trunk/admin/send-email.php#L12", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/2930676", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c34ce601-5cf9-433f-bc9d-5c705eba6b08?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-211xx/CVE-2023-21195.json b/CVE-2023/CVE-2023-211xx/CVE-2023-21195.json index e61e5af803f..bb3cb85169d 100644 --- a/CVE-2023/CVE-2023-211xx/CVE-2023-21195.json +++ b/CVE-2023/CVE-2023-211xx/CVE-2023-21195.json @@ -2,19 +2,74 @@ "id": "CVE-2023-21195", "sourceIdentifier": "security@android.com", "published": "2023-06-28T18:15:15.383", - "lastModified": "2023-06-28T19:27:43.520", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T19:25:24.387", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In btm_ble_periodic_adv_sync_tx_rcvd of btm_ble_gap.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure over Bluetooth, if the firmware were compromised with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-233879420" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + } + ] + } + ], "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2023-06-01", - "source": "security@android.com" + "source": "security@android.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-211xx/CVE-2023-21196.json b/CVE-2023/CVE-2023-211xx/CVE-2023-21196.json index 9ffc6830329..1b1d2a8b02f 100644 --- a/CVE-2023/CVE-2023-211xx/CVE-2023-21196.json +++ b/CVE-2023/CVE-2023-211xx/CVE-2023-21196.json @@ -2,19 +2,74 @@ "id": "CVE-2023-21196", "sourceIdentifier": "security@android.com", "published": "2023-06-28T18:15:15.423", - "lastModified": "2023-06-28T19:27:43.520", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T19:27:24.927", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In btm_ble_batchscan_filter_track_adv_vse_cback of btm_ble_batchscan.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-261857395" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + } + ] + } + ], "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2023-06-01", - "source": "security@android.com" + "source": "security@android.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-211xx/CVE-2023-21197.json b/CVE-2023/CVE-2023-211xx/CVE-2023-21197.json index 13278664bd7..b3d1ea39592 100644 --- a/CVE-2023/CVE-2023-211xx/CVE-2023-21197.json +++ b/CVE-2023/CVE-2023-211xx/CVE-2023-21197.json @@ -2,19 +2,74 @@ "id": "CVE-2023-21197", "sourceIdentifier": "security@android.com", "published": "2023-06-28T18:15:15.460", - "lastModified": "2023-06-28T19:27:43.520", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T19:35:40.793", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In btm_acl_process_sca_cmpl_pkt of btm_acl.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-251427561" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + } + ] + } + ], "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2023-06-01", - "source": "security@android.com" + "source": "security@android.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-211xx/CVE-2023-21198.json b/CVE-2023/CVE-2023-211xx/CVE-2023-21198.json index 358b944700c..3f24c958ac2 100644 --- a/CVE-2023/CVE-2023-211xx/CVE-2023-21198.json +++ b/CVE-2023/CVE-2023-211xx/CVE-2023-21198.json @@ -2,19 +2,74 @@ "id": "CVE-2023-21198", "sourceIdentifier": "security@android.com", "published": "2023-06-28T18:15:15.500", - "lastModified": "2023-06-28T19:27:43.520", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T19:38:07.660", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In remove_sdp_record of btif_sdp_server.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-245517503" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + } + ] + } + ], "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2023-06-01", - "source": "security@android.com" + "source": "security@android.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-211xx/CVE-2023-21199.json b/CVE-2023/CVE-2023-211xx/CVE-2023-21199.json index 20954becc72..c6d5571b3a5 100644 --- a/CVE-2023/CVE-2023-211xx/CVE-2023-21199.json +++ b/CVE-2023/CVE-2023-211xx/CVE-2023-21199.json @@ -2,19 +2,74 @@ "id": "CVE-2023-21199", "sourceIdentifier": "security@android.com", "published": "2023-06-28T18:15:15.540", - "lastModified": "2023-06-28T19:27:43.520", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T19:42:07.917", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In btu_ble_proc_ltk_req of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-254445961" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + } + ] + } + ], "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2023-06-01", - "source": "security@android.com" + "source": "security@android.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-212xx/CVE-2023-21200.json b/CVE-2023/CVE-2023-212xx/CVE-2023-21200.json index dee2e161af0..7a36578a4bb 100644 --- a/CVE-2023/CVE-2023-212xx/CVE-2023-21200.json +++ b/CVE-2023/CVE-2023-212xx/CVE-2023-21200.json @@ -2,19 +2,74 @@ "id": "CVE-2023-21200", "sourceIdentifier": "security@android.com", "published": "2023-06-28T18:15:15.577", - "lastModified": "2023-06-28T19:27:43.520", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T19:45:27.017", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In on_remove_iso_data_path of btm_iso_impl.h, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-236688764" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + } + ] + } + ], "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2023-06-01", - "source": "security@android.com" + "source": "security@android.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-212xx/CVE-2023-21201.json b/CVE-2023/CVE-2023-212xx/CVE-2023-21201.json index e95e9d5529b..cc63f99b76e 100644 --- a/CVE-2023/CVE-2023-212xx/CVE-2023-21201.json +++ b/CVE-2023/CVE-2023-212xx/CVE-2023-21201.json @@ -2,19 +2,74 @@ "id": "CVE-2023-21201", "sourceIdentifier": "security@android.com", "published": "2023-06-28T18:15:15.617", - "lastModified": "2023-06-28T19:27:43.520", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T19:46:48.690", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In on_create_record_event of btif_sdp_server.cc, there is a possible out of bounds read due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-263545186" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + } + ] + } + ], "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2023-06-01", - "source": "security@android.com" + "source": "security@android.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-212xx/CVE-2023-21202.json b/CVE-2023/CVE-2023-212xx/CVE-2023-21202.json index c74a6b0ca80..97da9623bd7 100644 --- a/CVE-2023/CVE-2023-212xx/CVE-2023-21202.json +++ b/CVE-2023/CVE-2023-212xx/CVE-2023-21202.json @@ -2,19 +2,74 @@ "id": "CVE-2023-21202", "sourceIdentifier": "security@android.com", "published": "2023-06-28T18:15:15.660", - "lastModified": "2023-06-28T19:27:43.520", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T19:48:33.540", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In btm_delete_stored_link_key_complete of btm_devctl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over Bluetooth with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260568359" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + } + ] + } + ], "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2023-06-01", - "source": "security@android.com" + "source": "security@android.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-228xx/CVE-2023-22834.json b/CVE-2023/CVE-2023-228xx/CVE-2023-22834.json index b94cbc7f745..8bb96789269 100644 --- a/CVE-2023/CVE-2023-228xx/CVE-2023-22834.json +++ b/CVE-2023/CVE-2023-228xx/CVE-2023-22834.json @@ -2,16 +2,40 @@ "id": "CVE-2023-22834", "sourceIdentifier": "cve-coordination@palantir.com", "published": "2023-06-27T00:15:09.437", - "lastModified": "2023-06-27T01:40:40.277", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T19:14:49.097", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Contour Service was not checking that users had permission to create an analysis for a given dataset. This could allow an attacker to clutter up Compass folders with extraneous analyses, that the attacker would otherwise not have permission to create." + }, + { + "lang": "es", + "value": "Contour Service no comprobaba que los usuarios tuvieran permiso para crear un an\u00e1lisis para un conjunto de datos determinado. Esto podr\u00eda permitir a un atacante saturar las carpetas de Compass con an\u00e1lisis extra\u00f1os que, de otro modo, no tendr\u00eda permiso para crear. " } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "cve-coordination@palantir.com", "type": "Secondary", @@ -34,10 +58,43 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:palantir:contour:*:*:*:*:*:*:*:*", + "versionEndExcluding": "9.642.0", + "matchCriteriaId": "DE4A9B13-659F-47C5-9B8B-7B6886AD285A" + } + ] + } + ] + } + ], "references": [ { "url": "https://palantir.safebase.us/?tcuUid=14874400-e9c9-4ac4-a8a6-9f4c48a56ff8", - "source": "cve-coordination@palantir.com" + "source": "cve-coordination@palantir.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-266xx/CVE-2023-26615.json b/CVE-2023/CVE-2023-266xx/CVE-2023-26615.json index 71569c2cbfc..d86e82c07eb 100644 --- a/CVE-2023/CVE-2023-266xx/CVE-2023-26615.json +++ b/CVE-2023/CVE-2023-266xx/CVE-2023-26615.json @@ -2,23 +2,95 @@ "id": "CVE-2023-26615", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-28T15:15:10.137", - "lastModified": "2023-06-28T15:25:19.233", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:50:06.507", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates from the SetMultipleActions API, allowing unauthorized attackers to reset the WEB page management password." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-640" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dlink:dir-823g_firmware:1.02b05:*:*:*:*:*:*:*", + "matchCriteriaId": "359D06ED-7E8E-40E5-84A4-27F1693820E9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dlink:dir-823g:-:*:*:*:*:*:*:*", + "matchCriteriaId": "67B980AA-84BE-4D22-B4E7-7B2DBF571B65" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1/SetMultipleActions", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-273xx/CVE-2023-27390.json b/CVE-2023/CVE-2023-273xx/CVE-2023-27390.json index 996345deb38..7dd8c56ae66 100644 --- a/CVE-2023/CVE-2023-273xx/CVE-2023-27390.json +++ b/CVE-2023/CVE-2023-273xx/CVE-2023-27390.json @@ -2,7 +2,7 @@ "id": "CVE-2023-27390", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-05T16:15:09.507", - "lastModified": "2023-07-05T16:25:41.353", + "lastModified": "2023-07-05T18:15:09.987", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,6 +50,10 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1744", "source": "talos-cna@cisco.com" + }, + { + "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1744", + "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-302xx/CVE-2023-30259.json b/CVE-2023/CVE-2023-302xx/CVE-2023-30259.json index 6734c2562a1..daec2a11688 100644 --- a/CVE-2023/CVE-2023-302xx/CVE-2023-30259.json +++ b/CVE-2023/CVE-2023-302xx/CVE-2023-30259.json @@ -2,19 +2,75 @@ "id": "CVE-2023-30259", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-28T14:15:09.677", - "lastModified": "2023-06-28T15:25:24.900", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:53:44.850", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A Buffer Overflow vulnerability in importshp plugin in LibreCAD 2.2.0 allows attackers to obtain sensitive information via a crafted DBF file." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:librecad:librecad:2.2.0:-:*:*:*:*:*:*", + "matchCriteriaId": "1601072D-9004-48B7-80B9-CB62792D4B27" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/LibreCAD/LibreCAD/issues/1481", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-306xx/CVE-2023-30607.json b/CVE-2023/CVE-2023-306xx/CVE-2023-30607.json new file mode 100644 index 00000000000..c3d6fd192ae --- /dev/null +++ b/CVE-2023/CVE-2023-306xx/CVE-2023-30607.json @@ -0,0 +1,63 @@ +{ + "id": "CVE-2023-30607", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-07-05T18:15:10.070", + "lastModified": "2023-07-05T18:15:10.070", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "icingaweb2-module-jira provides integration with Atlassian Jira. Starting in version 1.3.0 and prior to version 1.3.2, template and field configuration forms perform the deletion action before user input is validated, including the cross site request forgery token. This issue is fixed in version 1.3.2. There are no known workarounds." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.0, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.6, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Icinga/icingaweb2-module-jira/commit/7f0c53b7a3e87be2f4c2e8840805d7b7c9762424", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/Icinga/icingaweb2-module-jira/releases/tag/v1.3.2", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/Icinga/icingaweb2-module-jira/security/advisories/GHSA-gh7w-7f7j-gwp5", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-309xx/CVE-2023-30945.json b/CVE-2023/CVE-2023-309xx/CVE-2023-30945.json index 3ebb710dc94..29b58a09a67 100644 --- a/CVE-2023/CVE-2023-309xx/CVE-2023-30945.json +++ b/CVE-2023/CVE-2023-309xx/CVE-2023-30945.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30945", "sourceIdentifier": "cve-coordination@palantir.com", "published": "2023-06-26T23:15:09.193", - "lastModified": "2023-06-27T01:40:40.277", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:14:06.537", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cve-coordination@palantir.com", "type": "Secondary", @@ -34,10 +54,55 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:palantir:clips2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "0.111.2", + "matchCriteriaId": "EB9EB1C8-6DDE-4EC8-99F2-1130EABA72CA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:palantir:video_clip_distributor:*:*:*:*:*:*:*:*", + "versionEndExcluding": "0.24.10", + "matchCriteriaId": "B4883F5A-B29C-4EB9-9F55-D15499EC1A40" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:palantir:video_history_service:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.210.3", + "matchCriteriaId": "C9C66728-D88D-4A48-89E3-D887A31C78DF" + } + ] + } + ] + } + ], "references": [ { "url": "https://palantir.safebase.us/?tcuUid=e62e4dad-b39b-48ba-ba30-7b7c83406ad9", - "source": "cve-coordination@palantir.com" + "source": "cve-coordination@palantir.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-309xx/CVE-2023-30993.json b/CVE-2023/CVE-2023-309xx/CVE-2023-30993.json index 4f1fc8cae7b..0e6746f3a3e 100644 --- a/CVE-2023/CVE-2023-309xx/CVE-2023-30993.json +++ b/CVE-2023/CVE-2023-309xx/CVE-2023-30993.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30993", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-06-27T20:15:09.620", - "lastModified": "2023-06-27T20:45:06.090", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:47:03.063", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -46,14 +76,41 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cloud_pak_for_security:*:*:*:*:*:*:*:*", + "versionStartIncluding": "1.9.0.0", + "versionEndIncluding": "1.9.2.0", + "matchCriteriaId": "45D219FF-33C0-470A-889E-1F82EC5428C5" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254136", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/6995221", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-311xx/CVE-2023-31194.json b/CVE-2023/CVE-2023-311xx/CVE-2023-31194.json index 2dd099dba33..cd555deff68 100644 --- a/CVE-2023/CVE-2023-311xx/CVE-2023-31194.json +++ b/CVE-2023/CVE-2023-311xx/CVE-2023-31194.json @@ -2,7 +2,7 @@ "id": "CVE-2023-31194", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-05T16:15:09.600", - "lastModified": "2023-07-05T16:25:41.353", + "lastModified": "2023-07-05T18:15:10.157", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,6 +50,10 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1745", "source": "talos-cna@cisco.com" + }, + { + "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1745", + "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-312xx/CVE-2023-31248.json b/CVE-2023/CVE-2023-312xx/CVE-2023-31248.json new file mode 100644 index 00000000000..5cdcf1294aa --- /dev/null +++ b/CVE-2023/CVE-2023-312xx/CVE-2023-31248.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-31248", + "sourceIdentifier": "security@ubuntu.com", + "published": "2023-07-05T19:15:09.713", + "lastModified": "2023-07-05T19:15:09.713", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@ubuntu.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@ubuntu.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "references": [ + { + "url": "https://lore.kernel.org/netfilter-devel/20230705121627.GC19489@breakpoint.cc/T/", + "source": "security@ubuntu.com" + }, + { + "url": "https://www.openwall.com/lists/oss-security/2023/07/05/2", + "source": "security@ubuntu.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-319xx/CVE-2023-31972.json b/CVE-2023/CVE-2023-319xx/CVE-2023-31972.json index f32b98b0ac9..7ec8cce8e1e 100644 --- a/CVE-2023/CVE-2023-319xx/CVE-2023-31972.json +++ b/CVE-2023/CVE-2023-319xx/CVE-2023-31972.json @@ -2,19 +2,75 @@ "id": "CVE-2023-31972", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-09T13:15:18.503", - "lastModified": "2023-05-09T14:30:54.950", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T19:00:26.747", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "yasm v1.3.0 was discovered to contain a use after free via the function pp_getline at /nasm/nasm-pp.c." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tortall:yasm:1.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "1453CF78-5025-49BF-A1A6-C62F948B5735" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/yasm/yasm/issues/209", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-319xx/CVE-2023-31973.json b/CVE-2023/CVE-2023-319xx/CVE-2023-31973.json index 743af63befa..b19a7cdc98a 100644 --- a/CVE-2023/CVE-2023-319xx/CVE-2023-31973.json +++ b/CVE-2023/CVE-2023-319xx/CVE-2023-31973.json @@ -2,19 +2,75 @@ "id": "CVE-2023-31973", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-09T14:15:13.737", - "lastModified": "2023-05-09T14:30:54.950", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T19:00:20.850", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "yasm v1.3.0 was discovered to contain a use after free via the function expand_mmac_params at /nasm/nasm-pp.c." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tortall:yasm:1.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "1453CF78-5025-49BF-A1A6-C62F948B5735" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/yasm/yasm/issues/207", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-319xx/CVE-2023-31974.json b/CVE-2023/CVE-2023-319xx/CVE-2023-31974.json index 2a9488e03ec..8934553e0c5 100644 --- a/CVE-2023/CVE-2023-319xx/CVE-2023-31974.json +++ b/CVE-2023/CVE-2023-319xx/CVE-2023-31974.json @@ -2,19 +2,75 @@ "id": "CVE-2023-31974", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-09T13:15:18.550", - "lastModified": "2023-05-09T14:30:54.950", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T19:00:17.533", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "yasm v1.3.0 was discovered to contain a use after free via the function error at /nasm/nasm-pp.c." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tortall:yasm:1.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "1453CF78-5025-49BF-A1A6-C62F948B5735" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/yasm/yasm/issues/208", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-319xx/CVE-2023-31975.json b/CVE-2023/CVE-2023-319xx/CVE-2023-31975.json index 8cdc75660be..4332bc840ab 100644 --- a/CVE-2023/CVE-2023-319xx/CVE-2023-31975.json +++ b/CVE-2023/CVE-2023-319xx/CVE-2023-31975.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31975", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-09T13:15:18.590", - "lastModified": "2023-06-24T09:15:47.420", - "vulnStatus": "Modified", + "lastModified": "2023-07-05T19:01:42.130", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -17,7 +17,7 @@ "type": "Primary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -25,12 +25,12 @@ "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" + "availabilityImpact": "LOW", + "baseScore": 3.3, + "baseSeverity": "LOW" }, "exploitabilityScore": 1.8, - "impactScore": 3.6 + "impactScore": 1.4 } ] }, @@ -194,7 +194,11 @@ }, { "url": "http://www.openwall.com/lists/oss-security/2023/06/24/1", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://github.com/yasm/yasm/issues/210", diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32463.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32463.json index 3c977eafbf6..197e6e383ba 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32463.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32463.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32463", "sourceIdentifier": "security_alert@emc.com", "published": "2023-06-23T08:15:09.313", - "lastModified": "2023-06-23T13:03:31.027", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:33:55.533", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "security_alert@emc.com", "type": "Secondary", @@ -36,8 +56,18 @@ }, "weaknesses": [ { - "source": "security_alert@emc.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "security_alert@emc.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +76,1275 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_d560_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "6DD070B1-7C31-47F5-8970-60DA154B08C3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_d560:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0B547BDB-12A9-40AC-B4CA-040F413C5F05" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_d560f_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "7736405B-14EF-4A52-B375-E215EAB20E0C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_d560f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7755F292-5841-4751-AA28-2766B510F4B1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_e460_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "E961E71F-C946-471A-B746-9001476CB39D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_e460:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B6D4A624-51DE-4845-81ED-7C724038C193" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_e560_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "D4C1DCEF-8519-47E3-BEAC-01E215F2785E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_e560:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1CE64387-28EC-4486-8B12-B89E00FF5422" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_e560_vcf_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "D655F239-3A90-4EAB-8E40-F3786E139BED" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_e560_vcf:-:*:*:*:*:*:*:*", + "matchCriteriaId": "33913EBB-9810-49BC-8060-F58A70323D31" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_e560f_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "A75C06ED-0CCF-4C15-BD81-D8AB25848853" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_e560f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D3297C6B-2729-44F8-AEEE-399FC791314D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_e560f_vcf_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "9D41485A-599B-436A-A8D3-81818F768AEA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_e560f_vcf:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2AE2145A-79D2-4460-94AC-41D3A56FD6D8" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_e560n_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "FC7A4CBD-C9F6-4515-9492-C81C47BAEA60" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_e560n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "733EFA86-2D7E-40C4-BC2D-C8EC62BEDB40" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_e560n_vcf_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "603F2DCB-8C4E-4496-80D7-7A2FC703DC1A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_e560n_vcf:-:*:*:*:*:*:*:*", + "matchCriteriaId": "221890FF-A440-4C02-8DE2-F3D5F2E36E30" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_e660_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "DAC343F6-598A-4F05-A7BC-FE04141FAE99" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_e660:-:*:*:*:*:*:*:*", + "matchCriteriaId": "207FAAA1-9560-4B17-8777-06135B6F68A4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_e660f_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "825127AC-1FB9-41F8-9038-02E3A5381BED" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_e660f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "35B3A233-689C-422F-98F4-DEC197F5E01F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_e660n_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "96415C8D-03D4-4322-A4C5-1FD0A600F461" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_e660n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BED8FF48-215F-437E-BC0E-CDF5B0D02961" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_e665_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "15A2B08B-7939-42B1-A482-95CBB7B65C52" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_e665:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4FFC45E9-D807-4184-8AEC-5C388E292D0F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_e665f_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "C457E14B-2E2B-4755-9417-C42E873031AC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_e665f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9F3C4556-A8F3-4AE4-8A6C-867BF069DBE7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_e665n_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "65D2F0FF-ABD9-45FA-8D1D-2B46D054384B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_e665n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A820A4FE-3AF7-40AB-9E48-2A427BAEDD69" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_g560_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "7FD560DE-C621-444D-A536-FD8FA8345B78" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_g560:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8F017FC3-0062-4AD5-83CA-64F3D753C342" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_g560_vcf_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "BD1B6017-74C5-4687-8029-F856A6E2A40B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_g560_vcf:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F6683017-7A03-4B5F-BF84-B54FEED93C37" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_g560f_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "96B69533-89E3-41A7-A114-DFBDF97D3343" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_g560f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "ACAAF4CB-52A9-4859-AAD9-0B53608D3FFB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_g560f_vcf_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "D572E8F4-30D1-4487-BAC1-0047B0E6A82F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_g560f_vcf:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8ECA67AA-9316-4841-9602-649C6ACA0095" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_p470_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "9D1907D3-5E4D-4AFE-A32E-5A1E00908302" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_p470:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6ACC8277-A159-49F4-81E0-C3A73455FFCB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_p570_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "36869623-5042-46EF-BC00-4ACCB3EBC471" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_p570:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F43E1BD6-A30F-4255-85FD-FA387B3C66AE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_p570_vcf_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "F0F61407-B2CB-4FE6-BAB4-0099C6B45180" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_p570_vcf:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AFC1A83A-DEC7-4078-A8AA-C891DC386F93" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_p570f_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "1DC851F2-1C68-4C6D-9269-766E19ACD21B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_p570f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "074180A7-BF66-4770-94E2-CA7C8C8AF7C8" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_p570f_vcf_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "B1869E55-F822-4758-83A4-EDCF89B374D1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_p570f_vcf:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5C29E599-F792-4DE1-A689-36D97ABD08A1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_p580n_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "73DD9EBC-5C72-445A-B2A5-1F244E010282" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_p580n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "93C9ABE5-CE51-4089-A90B-EB5195C13298" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_p580n_vcf_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "D4EAAA49-653C-4AA6-844E-6CB243CE044F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_p580n_vcf:-:*:*:*:*:*:*:*", + "matchCriteriaId": "16C31369-A91C-435A-ABB1-568A3F7F59E0" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_p670f_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "E4A9FAD0-9D7B-4C49-A326-7A40FD45F03D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_p670f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F7E4817D-2161-4A9B-A31C-82AEDA3EE376" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_p670n_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "34DE326D-13AC-45D9-9560-CF309498E6BE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_p670n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F4EA0A31-B29F-4FBF-8C84-3AA2517DF571" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_p675f_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "2EE2B673-5E80-4250-B2D9-215B10381B49" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_p675f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2F5D18B7-9C39-4E54-9460-2494477DF883" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_p675n_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "B294E91F-DF6B-4BC5-8567-351B09777F9A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_p675n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6CE44D31-6A33-424E-AABF-6A011EFC06F7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_s470_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "C86720F8-98C4-4976-8EF4-937057A9EEFA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_s470:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CE35EDFC-4608-42C1-A28F-5C2863BAA369" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_s570_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "B9618824-BB9F-4917-BB99-EA10EE9660BA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_s570:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CFCB1C44-0865-499D-9845-DD726CE05C10" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_s570_vcf_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "D088124B-69C2-45C6-B126-71301727F924" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_s570_vcf:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDDBE07F-24D2-4492-B70C-8423952F8AE1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_s670_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "194109DE-00F9-4E54-95E2-1F96823E4852" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_s670:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4A8C1317-89EB-4901-BB2F-A1D5CA43B571" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_v470_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "E6B84C6F-EF82-458D-8576-AEE4538F0D47" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_v470:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6D91B986-191E-4852-A0E9-FDBB39D935DC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_v570_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "9B9FDAD6-3932-4E45-8052-B73A7D520562" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_v570:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B462CA31-D81C-40C3-AC65-B21EF77C36EC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_v570_vcf_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "0D2FF407-3F84-426F-9459-62AC2BD3C82D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_v570_vcf:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4866F37C-56EB-4AFE-B4C9-E4F33B342F27" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_v570f_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "69093FE4-26DE-4FC8-A582-67E17ECFCA8E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_v570f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1C388426-FDAF-4954-9555-B0797C9DB085" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_v570f_vcf_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "26EE8AF4-6AAB-4D0B-9D39-A73A725D26F1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_v570f_vcf:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D4A539AA-1837-4D2A-967D-55386FC1E14B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_v670f_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "42067246-232A-4944-B4C6-2D20DFE71EBA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_v670f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D6EF50B-67E1-4373-AD6F-39D53C73C1D8" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_vd-4000r_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "C83A956D-2DB4-47AE-BF39-C6084253EFC4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_vd-4000r:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D45082F1-56AD-4A99-A628-8FDF02424879" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_vd-4000w_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "353BCD6C-8A75-4215-BE6D-FD24DD7CA736" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_vd-4000w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB3AA886-1B65-4E89-BF68-E7FC5D3B7B65" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_vd-4000z_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "0B822339-763B-46F4-8ACC-A3A475B889D5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_vd-4000z:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BAD28E42-A52D-4CBF-A0BA-2206C8C7BD11" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_vd-4510c_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "B1696E38-0D42-4D69-A756-00EAF8432F0B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_vd-4510c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0EFF07A7-FF4D-42B1-95F7-A9D7F8CDF39A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_vd-4520c_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.0.100", + "matchCriteriaId": "0038514E-5D5F-44F5-B569-2CB76C7D532C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_vd-4520c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "93C59E3C-CCD3-4E72-9E52-6B4D8FBEEFBB" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.dell.com/support/kbdoc/en-us/000214659/dsa-2023-200-security-update-for-dell-vxrail-for-multiple-third-party-component-vulnerabilities", - "source": "security_alert@emc.com" + "source": "security_alert@emc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32464.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32464.json index 2c43abbd55d..e6c1a5c0d27 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32464.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32464.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32464", "sourceIdentifier": "security_alert@emc.com", "published": "2023-06-23T08:15:09.400", - "lastModified": "2023-06-23T13:03:31.027", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:31:27.907", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.3, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 0.7, + "impactScore": 2.5 + }, { "source": "security_alert@emc.com", "type": "Secondary", @@ -46,10 +66,1320 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_d560_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "F934E7F4-FB3E-41BC-8CDA-916D45CF7FA3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_d560:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0B547BDB-12A9-40AC-B4CA-040F413C5F05" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_d560f_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "8ACBCFDC-A6F5-46C7-AF7C-E7D20A90778D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_d560f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7755F292-5841-4751-AA28-2766B510F4B1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_e460_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "9A363068-2EC7-4CCD-9D9D-DF0821B48F35" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_e460:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B6D4A624-51DE-4845-81ED-7C724038C193" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_e560_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "D511F546-9185-41FD-85AB-90D581C49DF5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_e560:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1CE64387-28EC-4486-8B12-B89E00FF5422" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_e560_vcf_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "30F58B6F-6A34-4DD9-BABD-B27F98E8157E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_e560_vcf:-:*:*:*:*:*:*:*", + "matchCriteriaId": "33913EBB-9810-49BC-8060-F58A70323D31" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_e560f_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "D89C932E-837B-4F16-9F5E-97DB55E85A31" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_e560f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D3297C6B-2729-44F8-AEEE-399FC791314D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_e560f_vcf_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "E4BBF424-41DB-4450-B175-CA97C422D7F7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_e560f_vcf:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2AE2145A-79D2-4460-94AC-41D3A56FD6D8" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_e560n_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "924791A1-48EE-44E7-8F45-7156DD987C0A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_e560n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "733EFA86-2D7E-40C4-BC2D-C8EC62BEDB40" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_e560n_vcf_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "AA72D54F-1742-42B4-AA3D-7D7E28880E96" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_e560n_vcf:-:*:*:*:*:*:*:*", + "matchCriteriaId": "221890FF-A440-4C02-8DE2-F3D5F2E36E30" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_e660_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "6868128A-37FF-45A9-9571-5073E8DB1E55" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_e660:-:*:*:*:*:*:*:*", + "matchCriteriaId": "207FAAA1-9560-4B17-8777-06135B6F68A4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_e660f_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "6BAEDFB9-2F4C-49FD-BA30-B59E14E41EBF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_e660f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "35B3A233-689C-422F-98F4-DEC197F5E01F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_e660n_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "7396834C-5E4F-4BFD-9FAF-8898265BB590" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_e660n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BED8FF48-215F-437E-BC0E-CDF5B0D02961" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_e665_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "80351558-94C8-4FE8-8FCF-5DF38C1BB039" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_e665:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4FFC45E9-D807-4184-8AEC-5C388E292D0F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_e665f_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "3626597B-B502-4C72-8D59-E7C9EE126824" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_e665f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9F3C4556-A8F3-4AE4-8A6C-867BF069DBE7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_e665n_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "CFF3EF19-6CB5-40CB-A0C7-2306E1C083C1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_e665n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A820A4FE-3AF7-40AB-9E48-2A427BAEDD69" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_g560_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "1FAE87A3-1D96-42E4-B73B-CEA7B0D9CA3B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_g560:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8F017FC3-0062-4AD5-83CA-64F3D753C342" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_g560_vcf_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "3C258E73-34A9-4312-B4AB-79CA3F19C201" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_g560_vcf:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F6683017-7A03-4B5F-BF84-B54FEED93C37" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_g560f_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "25FF5813-3729-40A6-B260-C9AE2ABF4F11" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_g560f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "ACAAF4CB-52A9-4859-AAD9-0B53608D3FFB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_g560f_vcf_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "0593C021-FAF3-4486-8442-09D7D12D65D4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_g560f_vcf:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8ECA67AA-9316-4841-9602-649C6ACA0095" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_p470_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "301C63DC-321C-4268-8C4B-4DF3BF5AF6B0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_p470:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6ACC8277-A159-49F4-81E0-C3A73455FFCB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_p570_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "1F5CA853-CECB-458F-826C-217874185A83" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_p570:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F43E1BD6-A30F-4255-85FD-FA387B3C66AE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_p570_vcf_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "C0FCE319-94C3-4429-8FEF-EED92CE450A7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_p570_vcf:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AFC1A83A-DEC7-4078-A8AA-C891DC386F93" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_p570f_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "8214A020-E4A2-4FFD-88E7-CB47F6303F42" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_p570f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "074180A7-BF66-4770-94E2-CA7C8C8AF7C8" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_p570f_vcf_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "0E26748A-0328-4F3D-88F9-7A898BFBC2B2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_p570f_vcf:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5C29E599-F792-4DE1-A689-36D97ABD08A1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_p580n_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "F4E7C026-C6BF-4D16-B1FD-328A3D0C603C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_p580n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "93C9ABE5-CE51-4089-A90B-EB5195C13298" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_p580n_vcf_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "5C6C745F-739A-4E6E-9B88-ABEE2A6BEB15" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_p580n_vcf:-:*:*:*:*:*:*:*", + "matchCriteriaId": "16C31369-A91C-435A-ABB1-568A3F7F59E0" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_p670f_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "4C9A7C11-1BB5-4B21-A364-A26135503139" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_p670f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F7E4817D-2161-4A9B-A31C-82AEDA3EE376" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_p670n_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "FE42B95D-E61A-41C6-8E55-BCE12DC53D49" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_p670n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F4EA0A31-B29F-4FBF-8C84-3AA2517DF571" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_p675f_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "4E507CAB-6B66-425E-B2E7-584FE7FD3ECE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_p675f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2F5D18B7-9C39-4E54-9460-2494477DF883" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_p675n_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "95B1D9E1-5BFE-41C1-BF3B-AAD615D01556" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_p675n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6CE44D31-6A33-424E-AABF-6A011EFC06F7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_s470_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "A9A82C18-DB1E-4F5E-99FE-EB587A03FFA2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_s470:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CE35EDFC-4608-42C1-A28F-5C2863BAA369" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_s570_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "C4CAA10A-4386-44F7-A191-88003B4EE668" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_s570:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CFCB1C44-0865-499D-9845-DD726CE05C10" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_s570_vcf_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "C9E30E89-8889-4194-8359-B41221EECB85" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_s570_vcf:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDDBE07F-24D2-4492-B70C-8423952F8AE1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_s670_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "F938A266-6BB1-4F1D-8956-7416D0318C51" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_s670:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4A8C1317-89EB-4901-BB2F-A1D5CA43B571" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_v470_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "07545205-078E-4724-B272-BE20BF4DD936" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_v470:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6D91B986-191E-4852-A0E9-FDBB39D935DC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_v570_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "444CEF28-002A-4F25-9FA2-2A633B54BFBB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_v570:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B462CA31-D81C-40C3-AC65-B21EF77C36EC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_v570_vcf_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "4D7D9207-2FE8-416F-BF08-C53C5C824182" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_v570_vcf:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4866F37C-56EB-4AFE-B4C9-E4F33B342F27" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_v570f_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "14146337-85FF-4AFA-934F-4B5A28C1718A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_v570f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1C388426-FDAF-4954-9555-B0797C9DB085" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_v570f_vcf_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "DD682291-42C9-468A-B0DE-8CC6AF336AE4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_v570f_vcf:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D4A539AA-1837-4D2A-967D-55386FC1E14B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_v670f_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "0DE1B961-1EA7-4DC4-82AD-8D9E9B5E5492" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_v670f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D6EF50B-67E1-4373-AD6F-39D53C73C1D8" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_vd-4000r_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "935CC201-EFB2-478D-BA66-C49C4342CA49" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_vd-4000r:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D45082F1-56AD-4A99-A628-8FDF02424879" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_vd-4000w_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "AFC8268F-FD4A-409D-828D-E49898A443C7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_vd-4000w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB3AA886-1B65-4E89-BF68-E7FC5D3B7B65" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_vd-4000z_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "88AAC10D-C2E7-408C-961D-C484552B501A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_vd-4000z:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BAD28E42-A52D-4CBF-A0BA-2206C8C7BD11" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_vd-4510c_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "C73660C5-EB5D-4EAA-8161-2F17431850A8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_vd-4510c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0EFF07A7-FF4D-42B1-95F7-A9D7F8CDF39A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:vxrail_vd-4520c_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.450", + "matchCriteriaId": "3C5A1BC6-C7EF-44FD-BB7F-3E12956D3F33" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:vxrail_vd-4520c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "93C59E3C-CCD3-4E72-9E52-6B4D8FBEEFBB" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.dell.com/support/kbdoc/en-us/000213011/dsa-2023-071-dell-vxrail-security-update-for-multiple-third-party-component-vulnerabilities-7-0-450", - "source": "security_alert@emc.com" + "source": "security_alert@emc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-333xx/CVE-2023-33335.json b/CVE-2023/CVE-2023-333xx/CVE-2023-33335.json new file mode 100644 index 00000000000..1a6302fae15 --- /dev/null +++ b/CVE-2023/CVE-2023-333xx/CVE-2023-33335.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-33335", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-05T18:15:10.277", + "lastModified": "2023-07-05T18:15:10.277", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross Site Scripting (XSS) in Sophos Sophos iView (The EOL was December 31st 2020) in grpname parameter that allows arbitrary script to be executed." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://inf0seq.github.io/cve/2023/05/03/Cross-Site-scripting-(XSS)-in-Sophos-iView.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-33xx/CVE-2023-3330.json b/CVE-2023/CVE-2023-33xx/CVE-2023-3330.json index dd4a0b51bf9..e4c7c2ca986 100644 --- a/CVE-2023/CVE-2023-33xx/CVE-2023-3330.json +++ b/CVE-2023/CVE-2023-33xx/CVE-2023-3330.json @@ -2,16 +2,49 @@ "id": "CVE-2023-3330", "sourceIdentifier": "psirt-info@cyber.jp.nec.com", "published": "2023-06-28T02:15:49.523", - "lastModified": "2023-07-03T03:15:09.473", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:45:49.867", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u00a0a attacker\u00a0to\u00a0obtain specific files in the product." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + }, { "source": "psirt-info@cyber.jp.nec.com", "type": "Secondary", @@ -23,10 +56,474 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wf300hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4FDEB886-84A3-466F-A44D-C8343DC8EA26" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wf300hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "02D5D7A6-3E46-401A-8987-ECCC0D97BE73" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg1400hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D2A5730-11AC-4920-ACC3-B16F3F06F74D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg1400hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0B516AF4-E4BE-4074-A8B7-67276C7B57CD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg1800hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7C771D26-13FE-4821-8FAE-7B55E147C586" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg1800hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "44146A63-6E9A-4A6A-836A-FA75E0954E35" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg1800hp2_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9971F7F6-56E0-49D8-8D77-EEE4E0398531" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg1800hp2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E7F7EC38-F304-41AD-9F85-39820E5945E6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg2200hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9A48CCBD-1662-4188-ADBB-B3E69E2330F6" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg2200hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F167B2EE-7708-4A73-A52D-35725A0A1E29" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg2600hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B377AF40-2788-4192-AC90-E6395B62FC4C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg2600hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "872F8DA6-CB06-4886-801D-DC8F53EB7305" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg2600hp2_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "85717CF6-DB27-4F5F-9685-5235A5EB402B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg2600hp2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49782342-2E93-475A-90A5-9EDF40F97137" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg300hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3736608B-2D6C-4E2B-A52D-D3F1E60C1498" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg300hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "195A8A79-4E27-4EDD-975F-A4B58F040221" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg600hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6CC22AB5-2239-45FB-B57E-6344FE3EA483" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg600hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "049F25E4-A0A6-4E98-9FB2-63BF9D451B4A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr8600n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "093CFEBE-49F0-4387-B0CD-377F580E37AA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr8600n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D96606ED-63AA-41E0-823A-16A2CD5200FD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr8700n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9FCBF41D-824A-449C-9C1F-5FF3DE9D6F08" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr8700n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1FD5B8F6-19F6-4F80-90C3-AC4EFE564FFF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr8750n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "014F8A96-0AA2-4C65-89F8-2DF59717D079" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr8750n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9559B967-CCD6-4CEE-ADD8-862D1D7E5D96" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr9300n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "96E88402-955F-4565-8219-1332DBC3FAB5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr9300n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B83D44BD-00FB-4F15-B543-84DF92E67CBD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr9500n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1B542A9B-FBE4-446B-9BCF-F86859BB2F16" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr9500n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "63C99E37-A070-49C3-BB3B-AE189F02E5F2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr8170n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F9E46CDB-A7B3-4A2C-8A91-E18986F60AC6" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr8170n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "24F752BB-CFD7-41EC-83FD-7C0A352C72B7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr8175n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D29A7303-517C-4FDE-AB97-9AD9D42F1E5F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr8175n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "138732B4-C531-4DD3-B2C6-F672E72EE3AE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr8370n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "02434FCD-EBFB-4A93-A0F1-E0FED57715C1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr8370n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B487F29B-4F4D-40EB-9D7E-48681370F5F6" + } + ] + } + ] + } + ], "references": [ { "url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html", - "source": "psirt-info@cyber.jp.nec.com" + "source": "psirt-info@cyber.jp.nec.com", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-33xx/CVE-2023-3331.json b/CVE-2023/CVE-2023-33xx/CVE-2023-3331.json index 03eb7358e71..627ffff11d6 100644 --- a/CVE-2023/CVE-2023-33xx/CVE-2023-3331.json +++ b/CVE-2023/CVE-2023-33xx/CVE-2023-3331.json @@ -2,16 +2,49 @@ "id": "CVE-2023-3331", "sourceIdentifier": "psirt-info@cyber.jp.nec.com", "published": "2023-06-28T02:15:49.590", - "lastModified": "2023-07-03T03:15:09.560", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:45:37.043", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u00a0a attacker\u00a0to\u00a0delete\n\n specific files in the product." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + }, { "source": "psirt-info@cyber.jp.nec.com", "type": "Secondary", @@ -23,10 +56,474 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wf300hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4FDEB886-84A3-466F-A44D-C8343DC8EA26" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wf300hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "02D5D7A6-3E46-401A-8987-ECCC0D97BE73" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg1400hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D2A5730-11AC-4920-ACC3-B16F3F06F74D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg1400hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0B516AF4-E4BE-4074-A8B7-67276C7B57CD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg1800hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7C771D26-13FE-4821-8FAE-7B55E147C586" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg1800hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "44146A63-6E9A-4A6A-836A-FA75E0954E35" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg1800hp2_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9971F7F6-56E0-49D8-8D77-EEE4E0398531" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg1800hp2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E7F7EC38-F304-41AD-9F85-39820E5945E6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg2200hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9A48CCBD-1662-4188-ADBB-B3E69E2330F6" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg2200hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F167B2EE-7708-4A73-A52D-35725A0A1E29" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg2600hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B377AF40-2788-4192-AC90-E6395B62FC4C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg2600hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "872F8DA6-CB06-4886-801D-DC8F53EB7305" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg2600hp2_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "85717CF6-DB27-4F5F-9685-5235A5EB402B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg2600hp2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49782342-2E93-475A-90A5-9EDF40F97137" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg300hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3736608B-2D6C-4E2B-A52D-D3F1E60C1498" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg300hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "195A8A79-4E27-4EDD-975F-A4B58F040221" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg600hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6CC22AB5-2239-45FB-B57E-6344FE3EA483" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg600hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "049F25E4-A0A6-4E98-9FB2-63BF9D451B4A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr8600n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "093CFEBE-49F0-4387-B0CD-377F580E37AA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr8600n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D96606ED-63AA-41E0-823A-16A2CD5200FD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr8700n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9FCBF41D-824A-449C-9C1F-5FF3DE9D6F08" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr8700n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1FD5B8F6-19F6-4F80-90C3-AC4EFE564FFF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr8750n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "014F8A96-0AA2-4C65-89F8-2DF59717D079" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr8750n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9559B967-CCD6-4CEE-ADD8-862D1D7E5D96" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr9300n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "96E88402-955F-4565-8219-1332DBC3FAB5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr9300n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B83D44BD-00FB-4F15-B543-84DF92E67CBD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr9500n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1B542A9B-FBE4-446B-9BCF-F86859BB2F16" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr9500n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "63C99E37-A070-49C3-BB3B-AE189F02E5F2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr8170n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F9E46CDB-A7B3-4A2C-8A91-E18986F60AC6" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr8170n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "24F752BB-CFD7-41EC-83FD-7C0A352C72B7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr8175n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D29A7303-517C-4FDE-AB97-9AD9D42F1E5F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr8175n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "138732B4-C531-4DD3-B2C6-F672E72EE3AE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr8370n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "02434FCD-EBFB-4A93-A0F1-E0FED57715C1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr8370n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B487F29B-4F4D-40EB-9D7E-48681370F5F6" + } + ] + } + ] + } + ], "references": [ { "url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html", - "source": "psirt-info@cyber.jp.nec.com" + "source": "psirt-info@cyber.jp.nec.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-33xx/CVE-2023-3332.json b/CVE-2023/CVE-2023-33xx/CVE-2023-3332.json index 1d7dbb694fa..cf3a155de1f 100644 --- a/CVE-2023/CVE-2023-33xx/CVE-2023-3332.json +++ b/CVE-2023/CVE-2023-33xx/CVE-2023-3332.json @@ -2,16 +2,49 @@ "id": "CVE-2023-3332", "sourceIdentifier": "psirt-info@cyber.jp.nec.com", "published": "2023-06-28T02:15:49.650", - "lastModified": "2023-07-03T03:15:09.633", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T19:19:49.067", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u00a0a attacker\u00a0to\u00a0\n\nexecute an arbitrary script, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "psirt-info@cyber.jp.nec.com", "type": "Secondary", @@ -23,10 +56,474 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wf300hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4FDEB886-84A3-466F-A44D-C8343DC8EA26" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wf300hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "02D5D7A6-3E46-401A-8987-ECCC0D97BE73" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg1400hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D2A5730-11AC-4920-ACC3-B16F3F06F74D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg1400hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0B516AF4-E4BE-4074-A8B7-67276C7B57CD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg1800hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7C771D26-13FE-4821-8FAE-7B55E147C586" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg1800hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "44146A63-6E9A-4A6A-836A-FA75E0954E35" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg1800hp2_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9971F7F6-56E0-49D8-8D77-EEE4E0398531" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg1800hp2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E7F7EC38-F304-41AD-9F85-39820E5945E6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg2200hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9A48CCBD-1662-4188-ADBB-B3E69E2330F6" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg2200hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F167B2EE-7708-4A73-A52D-35725A0A1E29" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg2600hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B377AF40-2788-4192-AC90-E6395B62FC4C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg2600hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "872F8DA6-CB06-4886-801D-DC8F53EB7305" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg2600hp2_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "85717CF6-DB27-4F5F-9685-5235A5EB402B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg2600hp2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49782342-2E93-475A-90A5-9EDF40F97137" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg300hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3736608B-2D6C-4E2B-A52D-D3F1E60C1498" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg300hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "195A8A79-4E27-4EDD-975F-A4B58F040221" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg600hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6CC22AB5-2239-45FB-B57E-6344FE3EA483" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg600hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "049F25E4-A0A6-4E98-9FB2-63BF9D451B4A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr8600n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "093CFEBE-49F0-4387-B0CD-377F580E37AA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr8600n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D96606ED-63AA-41E0-823A-16A2CD5200FD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr8700n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9FCBF41D-824A-449C-9C1F-5FF3DE9D6F08" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr8700n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1FD5B8F6-19F6-4F80-90C3-AC4EFE564FFF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr8750n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "014F8A96-0AA2-4C65-89F8-2DF59717D079" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr8750n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9559B967-CCD6-4CEE-ADD8-862D1D7E5D96" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr9300n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "96E88402-955F-4565-8219-1332DBC3FAB5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr9300n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B83D44BD-00FB-4F15-B543-84DF92E67CBD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr9500n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1B542A9B-FBE4-446B-9BCF-F86859BB2F16" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr9500n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "63C99E37-A070-49C3-BB3B-AE189F02E5F2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr8170n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F9E46CDB-A7B3-4A2C-8A91-E18986F60AC6" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr8170n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "24F752BB-CFD7-41EC-83FD-7C0A352C72B7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr8175n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D29A7303-517C-4FDE-AB97-9AD9D42F1E5F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr8175n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "138732B4-C531-4DD3-B2C6-F672E72EE3AE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr8370n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "02434FCD-EBFB-4A93-A0F1-E0FED57715C1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr8370n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B487F29B-4F4D-40EB-9D7E-48681370F5F6" + } + ] + } + ] + } + ], "references": [ { "url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html", - "source": "psirt-info@cyber.jp.nec.com" + "source": "psirt-info@cyber.jp.nec.com", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-33xx/CVE-2023-3333.json b/CVE-2023/CVE-2023-33xx/CVE-2023-3333.json index 7eb5a81e5c4..c1934ace1a7 100644 --- a/CVE-2023/CVE-2023-33xx/CVE-2023-3333.json +++ b/CVE-2023/CVE-2023-33xx/CVE-2023-3333.json @@ -2,16 +2,49 @@ "id": "CVE-2023-3333", "sourceIdentifier": "psirt-info@cyber.jp.nec.com", "published": "2023-06-28T02:15:49.713", - "lastModified": "2023-07-03T03:15:09.713", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T19:19:52.590", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u00a0a attacker\u00a0to\u00a0execute an arbitrary OS command with the root privilege, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + }, { "source": "psirt-info@cyber.jp.nec.com", "type": "Secondary", @@ -23,10 +56,474 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wf300hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4FDEB886-84A3-466F-A44D-C8343DC8EA26" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wf300hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "02D5D7A6-3E46-401A-8987-ECCC0D97BE73" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg1400hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D2A5730-11AC-4920-ACC3-B16F3F06F74D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg1400hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0B516AF4-E4BE-4074-A8B7-67276C7B57CD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg1800hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7C771D26-13FE-4821-8FAE-7B55E147C586" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg1800hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "44146A63-6E9A-4A6A-836A-FA75E0954E35" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg1800hp2_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9971F7F6-56E0-49D8-8D77-EEE4E0398531" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg1800hp2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E7F7EC38-F304-41AD-9F85-39820E5945E6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg2200hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9A48CCBD-1662-4188-ADBB-B3E69E2330F6" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg2200hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F167B2EE-7708-4A73-A52D-35725A0A1E29" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg2600hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B377AF40-2788-4192-AC90-E6395B62FC4C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg2600hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "872F8DA6-CB06-4886-801D-DC8F53EB7305" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg2600hp2_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "85717CF6-DB27-4F5F-9685-5235A5EB402B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg2600hp2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49782342-2E93-475A-90A5-9EDF40F97137" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg300hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3736608B-2D6C-4E2B-A52D-D3F1E60C1498" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg300hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "195A8A79-4E27-4EDD-975F-A4B58F040221" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wg600hp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6CC22AB5-2239-45FB-B57E-6344FE3EA483" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wg600hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "049F25E4-A0A6-4E98-9FB2-63BF9D451B4A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr8600n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "093CFEBE-49F0-4387-B0CD-377F580E37AA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr8600n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D96606ED-63AA-41E0-823A-16A2CD5200FD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr8700n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9FCBF41D-824A-449C-9C1F-5FF3DE9D6F08" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr8700n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1FD5B8F6-19F6-4F80-90C3-AC4EFE564FFF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr8750n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "014F8A96-0AA2-4C65-89F8-2DF59717D079" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr8750n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9559B967-CCD6-4CEE-ADD8-862D1D7E5D96" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr9300n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "96E88402-955F-4565-8219-1332DBC3FAB5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr9300n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B83D44BD-00FB-4F15-B543-84DF92E67CBD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr9500n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1B542A9B-FBE4-446B-9BCF-F86859BB2F16" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr9500n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "63C99E37-A070-49C3-BB3B-AE189F02E5F2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr8170n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F9E46CDB-A7B3-4A2C-8A91-E18986F60AC6" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr8170n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "24F752BB-CFD7-41EC-83FD-7C0A352C72B7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr8175n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D29A7303-517C-4FDE-AB97-9AD9D42F1E5F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr8175n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "138732B4-C531-4DD3-B2C6-F672E72EE3AE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nec:aterm_wr8370n_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "02434FCD-EBFB-4A93-A0F1-E0FED57715C1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nec:aterm_wr8370n:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B487F29B-4F4D-40EB-9D7E-48681370F5F6" + } + ] + } + ] + } + ], "references": [ { "url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html", - "source": "psirt-info@cyber.jp.nec.com" + "source": "psirt-info@cyber.jp.nec.com", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-33xx/CVE-2023-3371.json b/CVE-2023/CVE-2023-33xx/CVE-2023-3371.json index fb561726f52..d95affc025f 100644 --- a/CVE-2023/CVE-2023-33xx/CVE-2023-3371.json +++ b/CVE-2023/CVE-2023-33xx/CVE-2023-3371.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3371", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-27T02:15:09.657", - "lastModified": "2023-06-27T16:15:41.447", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T19:24:05.357", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", @@ -50,30 +70,66 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpdeveloper:embedpress:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.7.3", + "matchCriteriaId": "E2AA4D09-9B14-4CCD-83A8-7A60FA06C0B1" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/embedpress/tags/3.7.3/EmbedPress/Includes/Classes/Helper.php#L231", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/embedpress/tags/3.7.3/EmbedPress/Includes/Classes/Helper.php#L278", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/embedpress/tags/3.7.3/Gutenberg/block-backend/block-embedpress.php#L30", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/2930523/embedpress#file10", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/2930523/embedpress#file28", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c1033b4d-82a0-4484-aebf-f35d6a2a9a13?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-341xx/CVE-2023-34106.json b/CVE-2023/CVE-2023-341xx/CVE-2023-34106.json new file mode 100644 index 00000000000..4126d211e60 --- /dev/null +++ b/CVE-2023/CVE-2023-341xx/CVE-2023-34106.json @@ -0,0 +1,63 @@ +{ + "id": "CVE-2023-34106", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-07-05T18:15:10.330", + "lastModified": "2023-07-05T18:15:10.330", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "GLPI is a free asset and IT management software package. Versions of the software starting with 0.68 and prior to 10.0.8 have an incorrect rights check on a on a file accessible by an authenticated user. This allows access to the list of all users and their personal information. Users should upgrade to version 10.0.8 to receive a patch." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + }, + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/glpi-project/glpi/releases/tag/10.0.8", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/glpi-project/glpi/security/advisories/GHSA-923r-hqh4-wj7c", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-343xx/CVE-2023-34337.json b/CVE-2023/CVE-2023-343xx/CVE-2023-34337.json new file mode 100644 index 00000000000..1ad17806968 --- /dev/null +++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34337.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-34337", + "sourceIdentifier": "biossecurity@ami.com", + "published": "2023-07-05T19:15:09.800", + "lastModified": "2023-07-05T19:15:09.800", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\nAMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption strength by hash-based message authentication code (HMAC). A successful exploit of this vulnerability\u00a0may lead to a loss of confidentiality, integrity, and availability. \n\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "biossecurity@ami.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.6, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 0.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "biossecurity@ami.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-326" + } + ] + } + ], + "references": [ + { + "url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf", + "source": "biossecurity@ami.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-343xx/CVE-2023-34338.json b/CVE-2023/CVE-2023-343xx/CVE-2023-34338.json new file mode 100644 index 00000000000..8c564c7929e --- /dev/null +++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34338.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-34338", + "sourceIdentifier": "biossecurity@ami.com", + "published": "2023-07-05T19:15:09.877", + "lastModified": "2023-07-05T19:15:09.877", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded cryptographic key by a hard-coded certificate. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability.\u00a0" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "biossecurity@ami.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "biossecurity@ami.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-321" + } + ] + } + ], + "references": [ + { + "url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf", + "source": "biossecurity@ami.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-344xx/CVE-2023-34463.json b/CVE-2023/CVE-2023-344xx/CVE-2023-34463.json index b6a475d43e1..349dcc0986d 100644 --- a/CVE-2023/CVE-2023-344xx/CVE-2023-34463.json +++ b/CVE-2023/CVE-2023-344xx/CVE-2023-34463.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34463", "sourceIdentifier": "security-advisories@github.com", "published": "2023-06-26T21:15:09.363", - "lastModified": "2023-06-26T22:13:24.933", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:29:05.773", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,10 +66,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.18.8", + "matchCriteriaId": "21DCEC86-16D9-4180-9088-06D6AD31EF93" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/dataease/dataease/security/advisories/GHSA-4c4p-qfwq-85fj", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-344xx/CVE-2023-34471.json b/CVE-2023/CVE-2023-344xx/CVE-2023-34471.json new file mode 100644 index 00000000000..2316ea87cfc --- /dev/null +++ b/CVE-2023/CVE-2023-344xx/CVE-2023-34471.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-34471", + "sourceIdentifier": "biossecurity@ami.com", + "published": "2023-07-05T19:15:09.947", + "lastModified": "2023-07-05T19:15:09.947", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\n AMI SPx contains a vulnerability in the BMC where a user may cause a missing cryptographic step by generating a hash-based message authentication code (HMAC). A successful exploit of this vulnerability may lead to the loss confidentiality, integrity, and authentication." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "biossecurity@ami.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.4, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "biossecurity@ami.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-325" + } + ] + } + ], + "references": [ + { + "url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf", + "source": "biossecurity@ami.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-344xx/CVE-2023-34472.json b/CVE-2023/CVE-2023-344xx/CVE-2023-34472.json new file mode 100644 index 00000000000..9bfcd6f9284 --- /dev/null +++ b/CVE-2023/CVE-2023-344xx/CVE-2023-34472.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-34472", + "sourceIdentifier": "biossecurity@ami.com", + "published": "2023-07-05T19:15:10.017", + "lastModified": "2023-07-05T19:15:10.017", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "AMI SPx contains a vulnerability in the BMC where an Attacker may cause an improper neutralization of CRLF sequences in HTTP Headers. A successful exploit of this vulnerability may lead to a loss of integrity.\n\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "biossecurity@ami.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 5.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.1, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "biossecurity@ami.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-113" + }, + { + "lang": "en", + "value": "CWE-93" + } + ] + } + ], + "references": [ + { + "url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf", + "source": "biossecurity@ami.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-344xx/CVE-2023-34473.json b/CVE-2023/CVE-2023-344xx/CVE-2023-34473.json new file mode 100644 index 00000000000..37fa3827f36 --- /dev/null +++ b/CVE-2023/CVE-2023-344xx/CVE-2023-34473.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-34473", + "sourceIdentifier": "biossecurity@ami.com", + "published": "2023-07-05T19:15:10.083", + "lastModified": "2023-07-05T19:15:10.083", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\nAMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded credentials. A successful exploit of this vulnerability\u00a0may lead to a loss of confidentiality, integrity, and availability. \n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "biossecurity@ami.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.7, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "biossecurity@ami.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-798" + } + ] + } + ], + "references": [ + { + "url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf", + "source": "biossecurity@ami.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-349xx/CVE-2023-34928.json b/CVE-2023/CVE-2023-349xx/CVE-2023-34928.json index 23690a661d7..7597ad81dfe 100644 --- a/CVE-2023/CVE-2023-349xx/CVE-2023-34928.json +++ b/CVE-2023/CVE-2023-349xx/CVE-2023-34928.json @@ -2,19 +2,86 @@ "id": "CVE-2023-34928", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-28T14:15:09.743", - "lastModified": "2023-06-28T15:25:24.900", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:53:06.870", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A stack overflow in the Edit_BasicSSID function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*", + "matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*", + "matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34928.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-349xx/CVE-2023-34929.json b/CVE-2023/CVE-2023-349xx/CVE-2023-34929.json index 9c0bef1cb55..08144e66191 100644 --- a/CVE-2023/CVE-2023-349xx/CVE-2023-34929.json +++ b/CVE-2023/CVE-2023-349xx/CVE-2023-34929.json @@ -2,19 +2,86 @@ "id": "CVE-2023-34929", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-28T14:15:09.790", - "lastModified": "2023-06-28T15:25:24.900", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:52:59.827", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A stack overflow in the AddMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*", + "matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*", + "matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34929.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-349xx/CVE-2023-34930.json b/CVE-2023/CVE-2023-349xx/CVE-2023-34930.json index 8fc28e2457d..eeb344bac22 100644 --- a/CVE-2023/CVE-2023-349xx/CVE-2023-34930.json +++ b/CVE-2023/CVE-2023-349xx/CVE-2023-34930.json @@ -2,19 +2,86 @@ "id": "CVE-2023-34930", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-28T14:15:09.833", - "lastModified": "2023-06-28T15:25:24.900", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:52:52.173", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A stack overflow in the EditMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*", + "matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*", + "matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34930.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-349xx/CVE-2023-34931.json b/CVE-2023/CVE-2023-349xx/CVE-2023-34931.json index 270c49a51c3..0c16c8c4f11 100644 --- a/CVE-2023/CVE-2023-349xx/CVE-2023-34931.json +++ b/CVE-2023/CVE-2023-349xx/CVE-2023-34931.json @@ -2,19 +2,86 @@ "id": "CVE-2023-34931", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-28T14:15:09.877", - "lastModified": "2023-06-28T15:25:24.900", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:52:45.057", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A stack overflow in the EditWlanMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*", + "matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*", + "matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34931.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-349xx/CVE-2023-34932.json b/CVE-2023/CVE-2023-349xx/CVE-2023-34932.json index 932850d02ae..3bfc54806a3 100644 --- a/CVE-2023/CVE-2023-349xx/CVE-2023-34932.json +++ b/CVE-2023/CVE-2023-349xx/CVE-2023-34932.json @@ -2,19 +2,86 @@ "id": "CVE-2023-34932", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-28T14:15:09.923", - "lastModified": "2023-06-28T15:25:24.900", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:52:37.597", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A stack overflow in the UpdateWanMode function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*", + "matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*", + "matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34932.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-349xx/CVE-2023-34933.json b/CVE-2023/CVE-2023-349xx/CVE-2023-34933.json index 971ae4b4b41..ed83be02cdb 100644 --- a/CVE-2023/CVE-2023-349xx/CVE-2023-34933.json +++ b/CVE-2023/CVE-2023-349xx/CVE-2023-34933.json @@ -2,19 +2,87 @@ "id": "CVE-2023-34933", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-28T15:15:10.193", - "lastModified": "2023-06-28T15:25:19.233", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:49:01.307", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A stack overflow in the UpdateWanParams function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*", + "matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*", + "matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34933.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-349xx/CVE-2023-34934.json b/CVE-2023/CVE-2023-349xx/CVE-2023-34934.json index 09e82b8f4a2..2dd96225a15 100644 --- a/CVE-2023/CVE-2023-349xx/CVE-2023-34934.json +++ b/CVE-2023/CVE-2023-349xx/CVE-2023-34934.json @@ -2,19 +2,87 @@ "id": "CVE-2023-34934", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-28T15:15:10.240", - "lastModified": "2023-06-28T15:25:19.233", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:48:47.040", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A stack overflow in the Edit_BasicSSID_5G function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*", + "matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*", + "matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34934.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-349xx/CVE-2023-34935.json b/CVE-2023/CVE-2023-349xx/CVE-2023-34935.json index f8fa94ba6a9..f9f63354b21 100644 --- a/CVE-2023/CVE-2023-349xx/CVE-2023-34935.json +++ b/CVE-2023/CVE-2023-349xx/CVE-2023-34935.json @@ -2,19 +2,87 @@ "id": "CVE-2023-34935", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-28T15:15:10.283", - "lastModified": "2023-06-28T15:25:19.233", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:48:29.870", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A stack overflow in the AddWlanMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*", + "matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*", + "matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34935.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-349xx/CVE-2023-34936.json b/CVE-2023/CVE-2023-349xx/CVE-2023-34936.json index 475fcf91607..4d975dd1ecb 100644 --- a/CVE-2023/CVE-2023-349xx/CVE-2023-34936.json +++ b/CVE-2023/CVE-2023-349xx/CVE-2023-34936.json @@ -2,19 +2,87 @@ "id": "CVE-2023-34936", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-28T15:15:10.333", - "lastModified": "2023-06-28T15:25:19.233", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:48:19.643", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A stack overflow in the UpdateMacClone function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*", + "matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*", + "matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34936.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-349xx/CVE-2023-34937.json b/CVE-2023/CVE-2023-349xx/CVE-2023-34937.json index 541f12b162d..81767de3e3e 100644 --- a/CVE-2023/CVE-2023-349xx/CVE-2023-34937.json +++ b/CVE-2023/CVE-2023-349xx/CVE-2023-34937.json @@ -2,19 +2,87 @@ "id": "CVE-2023-34937", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-28T15:15:10.377", - "lastModified": "2023-06-28T15:25:19.233", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:48:00.847", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A stack overflow in the UpdateSnat function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*", + "matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*", + "matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34937.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3407.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3407.json index 789d8e524fe..7939d1b6d69 100644 --- a/CVE-2023/CVE-2023-34xx/CVE-2023-3407.json +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3407.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3407", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-28T03:15:09.243", - "lastModified": "2023-06-28T12:34:43.903", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:37:01.277", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 1.4 + }, + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 } ] }, @@ -50,18 +70,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:subscribe2_project:subscribe2:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "10.40", + "matchCriteriaId": "34325F77-97FF-4F8E-AA88-30E2B687950B" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/subscribe2/trunk/admin/send-email.php#L12", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/2930676", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/92b4d800-2895-4f7b-8b3b-ee6df75a7908?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3427.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3427.json index df8563ffc9a..f6df3c14be5 100644 --- a/CVE-2023/CVE-2023-34xx/CVE-2023-3427.json +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3427.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3427", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-28T02:15:49.783", - "lastModified": "2023-06-28T12:34:43.903", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:42:38.810", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,8 +13,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", @@ -46,18 +66,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:salonbookingsystem:salon_booking_system:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "8.4.6", + "matchCriteriaId": "448FEF9C-79E4-447B-ACC5-E7EDDE3CBE0E" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Customers.php?rev=2779160#L68", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2931406%40salon-booking-system&new=2931406%40salon-booking-system&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/93875f19-d9b9-4e33-bba9-afc75cf26bf2?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3445.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3445.json index 8e3ac876daf..4eabde08e31 100644 --- a/CVE-2023/CVE-2023-34xx/CVE-2023-3445.json +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3445.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3445", "sourceIdentifier": "security@huntr.dev", "published": "2023-06-28T14:15:10.117", - "lastModified": "2023-06-28T15:25:19.233", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:52:26.923", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -46,14 +68,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:denkgroot:spina:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.15.1", + "matchCriteriaId": "CA56A37D-3579-48FE-AA0E-B3BD80E73D74" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/spinacms/spina/commit/9adfe7b4807b3cc10dbb7351a26cc32f5d8c14a3", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.dev/bounties/18a74a9d-4a2d-4bf8-ae62-56a909427070", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-350xx/CVE-2023-35001.json b/CVE-2023/CVE-2023-350xx/CVE-2023-35001.json new file mode 100644 index 00000000000..37ac33bca0e --- /dev/null +++ b/CVE-2023/CVE-2023-350xx/CVE-2023-35001.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-35001", + "sourceIdentifier": "security@ubuntu.com", + "published": "2023-07-05T19:15:10.147", + "lastModified": "2023-07-05T19:15:10.147", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@ubuntu.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@ubuntu.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "references": [ + { + "url": "https://lore.kernel.org/netfilter-devel/20230705121515.747251-1-cascardo@canonical.com/T/", + "source": "security@ubuntu.com" + }, + { + "url": "https://www.openwall.com/lists/oss-security/2023/07/05/3", + "source": "security@ubuntu.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35164.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35164.json index 58d0a72bb8c..82132758a59 100644 --- a/CVE-2023/CVE-2023-351xx/CVE-2023-35164.json +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35164.json @@ -2,16 +2,40 @@ "id": "CVE-2023-35164", "sourceIdentifier": "security-advisories@github.com", "published": "2023-06-26T22:15:11.317", - "lastModified": "2023-06-26T22:22:30.843", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:17:45.713", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "DataEase is an open source data visualization analysis tool to analyze data and gain insight into business trends. In affected versions a missing authorization check allows unauthorized users to manipulate a dashboard created by the administrator. This vulnerability has been fixed in version 1.18.8. Users are advised to upgrade. There are no known workarounds for this vulnerability." + }, + { + "lang": "es", + "value": "DataEase es una herramienta de an\u00e1lisis de visualizaci\u00f3n de datos de c\u00f3digo abierto para analizar datos y obtener informaci\u00f3n sobre las tendencias empresariales. En las versiones afectadas, la falta de una comprobaci\u00f3n de autorizaci\u00f3n permite a usuarios no autorizados manipular un cuadro de mando creado por el administrador. Esta vulnerabilidad se ha corregido en la versi\u00f3n 1.18.8. Se recomienda a los usuarios que la actualicen. No se conocen soluciones para esta vulnerabilidad. " } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,10 +70,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.18.8", + "matchCriteriaId": "21DCEC86-16D9-4180-9088-06D6AD31EF93" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/dataease/dataease/security/advisories/GHSA-grxm-fc3h-3qgj", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35168.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35168.json index b9541a58c6e..f75a04a6df4 100644 --- a/CVE-2023/CVE-2023-351xx/CVE-2023-35168.json +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35168.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35168", "sourceIdentifier": "security-advisories@github.com", "published": "2023-06-26T21:15:09.483", - "lastModified": "2023-06-26T22:13:24.933", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-05T18:26:34.743", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,10 +66,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.18.8", + "matchCriteriaId": "21DCEC86-16D9-4180-9088-06D6AD31EF93" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/dataease/dataease/security/advisories/GHSA-c2r2-68p6-73xv", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-358xx/CVE-2023-35863.json b/CVE-2023/CVE-2023-358xx/CVE-2023-35863.json new file mode 100644 index 00000000000..3822fb67630 --- /dev/null +++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35863.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-35863", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-05T18:15:10.420", + "lastModified": "2023-07-05T18:15:10.420", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In MADEFORNET HTTP Debugger through 9.12, the Windows service does not set the seclevel registry key before launching the driver. Thus, it is possible for an unprivileged application to obtain a handle to the NetFilterSDK wrapper before the service obtains exclusive access." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://ctrl-c.club/~blue/nfsdk.html", + "source": "cve@mitre.org" + }, + { + "url": "https://www.madefornet.com/products.html", + "source": "cve@mitre.org" + }, + { + "url": "https://www.michaelrowley.dev/research/posts/nfsdk/nfsdk.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 8c6ca3f7a3b..4ca138a7133 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-07-05T18:00:34.099372+00:00 +2023-07-05T20:00:38.490985+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-07-05T17:52:50.177000+00:00 +2023-07-05T19:50:58.443000+00:00 ``` ### Last Data Feed Release @@ -29,51 +29,56 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -219196 +219208 ``` ### CVEs added in the last Commit -Recently added CVEs: `7` +Recently added CVEs: `12` -* [CVE-2020-25969](CVE-2020/CVE-2020-259xx/CVE-2020-25969.json) (`2023-07-05T17:15:09.213`) -* [CVE-2023-27390](CVE-2023/CVE-2023-273xx/CVE-2023-27390.json) (`2023-07-05T16:15:09.507`) -* [CVE-2023-31194](CVE-2023/CVE-2023-311xx/CVE-2023-31194.json) (`2023-07-05T16:15:09.600`) -* [CVE-2023-36932](CVE-2023/CVE-2023-369xx/CVE-2023-36932.json) (`2023-07-05T16:15:09.687`) -* [CVE-2023-36933](CVE-2023/CVE-2023-369xx/CVE-2023-36933.json) (`2023-07-05T16:15:09.740`) -* [CVE-2023-36934](CVE-2023/CVE-2023-369xx/CVE-2023-36934.json) (`2023-07-05T16:15:09.793`) -* [CVE-2023-25399](CVE-2023/CVE-2023-253xx/CVE-2023-25399.json) (`2023-07-05T17:15:09.320`) +* [CVE-2020-23452](CVE-2020/CVE-2020-234xx/CVE-2020-23452.json) (`2023-07-05T18:15:09.750`) +* [CVE-2023-30607](CVE-2023/CVE-2023-306xx/CVE-2023-30607.json) (`2023-07-05T18:15:10.070`) +* [CVE-2023-33335](CVE-2023/CVE-2023-333xx/CVE-2023-33335.json) (`2023-07-05T18:15:10.277`) +* [CVE-2023-34106](CVE-2023/CVE-2023-341xx/CVE-2023-34106.json) (`2023-07-05T18:15:10.330`) +* [CVE-2023-35863](CVE-2023/CVE-2023-358xx/CVE-2023-35863.json) (`2023-07-05T18:15:10.420`) +* [CVE-2023-31248](CVE-2023/CVE-2023-312xx/CVE-2023-31248.json) (`2023-07-05T19:15:09.713`) +* [CVE-2023-34337](CVE-2023/CVE-2023-343xx/CVE-2023-34337.json) (`2023-07-05T19:15:09.800`) +* [CVE-2023-34338](CVE-2023/CVE-2023-343xx/CVE-2023-34338.json) (`2023-07-05T19:15:09.877`) +* [CVE-2023-34471](CVE-2023/CVE-2023-344xx/CVE-2023-34471.json) (`2023-07-05T19:15:09.947`) +* [CVE-2023-34472](CVE-2023/CVE-2023-344xx/CVE-2023-34472.json) (`2023-07-05T19:15:10.017`) +* [CVE-2023-34473](CVE-2023/CVE-2023-344xx/CVE-2023-34473.json) (`2023-07-05T19:15:10.083`) +* [CVE-2023-35001](CVE-2023/CVE-2023-350xx/CVE-2023-35001.json) (`2023-07-05T19:15:10.147`) ### CVEs modified in the last Commit -Recently modified CVEs: `49` +Recently modified CVEs: `47` -* [CVE-2023-3515](CVE-2023/CVE-2023-35xx/CVE-2023-3515.json) (`2023-07-05T16:25:41.353`) -* [CVE-2023-34098](CVE-2023/CVE-2023-340xx/CVE-2023-34098.json) (`2023-07-05T16:25:47.773`) -* [CVE-2023-26274](CVE-2023/CVE-2023-262xx/CVE-2023-26274.json) (`2023-07-05T16:26:09.287`) -* [CVE-2023-26276](CVE-2023/CVE-2023-262xx/CVE-2023-26276.json) (`2023-07-05T16:26:24.613`) -* [CVE-2023-22593](CVE-2023/CVE-2023-225xx/CVE-2023-22593.json) (`2023-07-05T16:28:23.427`) -* [CVE-2023-23468](CVE-2023/CVE-2023-234xx/CVE-2023-23468.json) (`2023-07-05T16:28:41.243`) -* [CVE-2023-25004](CVE-2023/CVE-2023-250xx/CVE-2023-25004.json) (`2023-07-05T16:29:14.923`) -* [CVE-2023-29068](CVE-2023/CVE-2023-290xx/CVE-2023-29068.json) (`2023-07-05T16:29:40.353`) -* [CVE-2023-34673](CVE-2023/CVE-2023-346xx/CVE-2023-34673.json) (`2023-07-05T16:30:36.027`) -* [CVE-2023-33565](CVE-2023/CVE-2023-335xx/CVE-2023-33565.json) (`2023-07-05T16:38:44.877`) -* [CVE-2023-34254](CVE-2023/CVE-2023-342xx/CVE-2023-34254.json) (`2023-07-05T16:53:39.367`) -* [CVE-2023-30757](CVE-2023/CVE-2023-307xx/CVE-2023-30757.json) (`2023-07-05T17:01:26.063`) -* [CVE-2023-29129](CVE-2023/CVE-2023-291xx/CVE-2023-29129.json) (`2023-07-05T17:02:50.873`) -* [CVE-2023-32019](CVE-2023/CVE-2023-320xx/CVE-2023-32019.json) (`2023-07-05T17:15:09.380`) -* [CVE-2023-33584](CVE-2023/CVE-2023-335xx/CVE-2023-33584.json) (`2023-07-05T17:15:09.477`) -* [CVE-2023-2005](CVE-2023/CVE-2023-20xx/CVE-2023-2005.json) (`2023-07-05T17:16:12.110`) -* [CVE-2023-2290](CVE-2023/CVE-2023-22xx/CVE-2023-2290.json) (`2023-07-05T17:22:10.923`) -* [CVE-2023-2992](CVE-2023/CVE-2023-29xx/CVE-2023-2992.json) (`2023-07-05T17:27:57.377`) -* [CVE-2023-2993](CVE-2023/CVE-2023-29xx/CVE-2023-2993.json) (`2023-07-05T17:30:11.073`) -* [CVE-2023-33404](CVE-2023/CVE-2023-334xx/CVE-2023-33404.json) (`2023-07-05T17:35:32.947`) -* [CVE-2023-28829](CVE-2023/CVE-2023-288xx/CVE-2023-28829.json) (`2023-07-05T17:36:45.750`) -* [CVE-2023-27465](CVE-2023/CVE-2023-274xx/CVE-2023-27465.json) (`2023-07-05T17:48:25.550`) -* [CVE-2023-33176](CVE-2023/CVE-2023-331xx/CVE-2023-33176.json) (`2023-07-05T17:49:17.157`) -* [CVE-2023-28991](CVE-2023/CVE-2023-289xx/CVE-2023-28991.json) (`2023-07-05T17:52:33.687`) -* [CVE-2023-28988](CVE-2023/CVE-2023-289xx/CVE-2023-28988.json) (`2023-07-05T17:52:50.177`) +* [CVE-2023-34933](CVE-2023/CVE-2023-349xx/CVE-2023-34933.json) (`2023-07-05T18:49:01.307`) +* [CVE-2023-26615](CVE-2023/CVE-2023-266xx/CVE-2023-26615.json) (`2023-07-05T18:50:06.507`) +* [CVE-2023-3445](CVE-2023/CVE-2023-34xx/CVE-2023-3445.json) (`2023-07-05T18:52:26.923`) +* [CVE-2023-34932](CVE-2023/CVE-2023-349xx/CVE-2023-34932.json) (`2023-07-05T18:52:37.597`) +* [CVE-2023-34931](CVE-2023/CVE-2023-349xx/CVE-2023-34931.json) (`2023-07-05T18:52:45.057`) +* [CVE-2023-34930](CVE-2023/CVE-2023-349xx/CVE-2023-34930.json) (`2023-07-05T18:52:52.173`) +* [CVE-2023-34929](CVE-2023/CVE-2023-349xx/CVE-2023-34929.json) (`2023-07-05T18:52:59.827`) +* [CVE-2023-34928](CVE-2023/CVE-2023-349xx/CVE-2023-34928.json) (`2023-07-05T18:53:06.870`) +* [CVE-2023-30259](CVE-2023/CVE-2023-302xx/CVE-2023-30259.json) (`2023-07-05T18:53:44.850`) +* [CVE-2023-31974](CVE-2023/CVE-2023-319xx/CVE-2023-31974.json) (`2023-07-05T19:00:17.533`) +* [CVE-2023-31973](CVE-2023/CVE-2023-319xx/CVE-2023-31973.json) (`2023-07-05T19:00:20.850`) +* [CVE-2023-31972](CVE-2023/CVE-2023-319xx/CVE-2023-31972.json) (`2023-07-05T19:00:26.747`) +* [CVE-2023-31975](CVE-2023/CVE-2023-319xx/CVE-2023-31975.json) (`2023-07-05T19:01:42.130`) +* [CVE-2023-22834](CVE-2023/CVE-2023-228xx/CVE-2023-22834.json) (`2023-07-05T19:14:49.097`) +* [CVE-2023-3332](CVE-2023/CVE-2023-33xx/CVE-2023-3332.json) (`2023-07-05T19:19:49.067`) +* [CVE-2023-3333](CVE-2023/CVE-2023-33xx/CVE-2023-3333.json) (`2023-07-05T19:19:52.590`) +* [CVE-2023-3371](CVE-2023/CVE-2023-33xx/CVE-2023-3371.json) (`2023-07-05T19:24:05.357`) +* [CVE-2023-21195](CVE-2023/CVE-2023-211xx/CVE-2023-21195.json) (`2023-07-05T19:25:24.387`) +* [CVE-2023-21196](CVE-2023/CVE-2023-211xx/CVE-2023-21196.json) (`2023-07-05T19:27:24.927`) +* [CVE-2023-21197](CVE-2023/CVE-2023-211xx/CVE-2023-21197.json) (`2023-07-05T19:35:40.793`) +* [CVE-2023-21198](CVE-2023/CVE-2023-211xx/CVE-2023-21198.json) (`2023-07-05T19:38:07.660`) +* [CVE-2023-21199](CVE-2023/CVE-2023-211xx/CVE-2023-21199.json) (`2023-07-05T19:42:07.917`) +* [CVE-2023-21200](CVE-2023/CVE-2023-212xx/CVE-2023-21200.json) (`2023-07-05T19:45:27.017`) +* [CVE-2023-21201](CVE-2023/CVE-2023-212xx/CVE-2023-21201.json) (`2023-07-05T19:46:48.690`) +* [CVE-2023-21202](CVE-2023/CVE-2023-212xx/CVE-2023-21202.json) (`2023-07-05T19:48:33.540`) ## Download and Usage