Auto-Update: 2024-06-08T23:55:18.955456+00:00

2025-05-08 03:27:17 +00:00 · 2024-06-08 23:58:11 +00:00 · 2024-06-08 23:58:11 +00:00 · b79ffec6e1
commit b79ffec6e1
parent 73e9262ac5
3 changed files with 100 additions and 8 deletions
--- a/CVE-2024/CVE-2024-57xx/CVE-2024-5771.json
+++ b/CVE-2024/CVE-2024-57xx/CVE-2024-5771.json
@ -0,0 +1,92 @@
+{
+  "id": "CVE-2024-5771",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-06-08T22:15:48.660",
+  "lastModified": "2024-06-08T22:15:48.660",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability classified as critical was found in LabVantage LIMS 2017. This vulnerability affects unknown code of the file /labvantage/rc?command=page&page=SampleList&_iframename=list of the component POST Request Handler. The manipulation of the argument param1 leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-267454 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL",
+          "baseScore": 6.5
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://gentle-khaan-c53.notion.site/Labvantage-LIMS-3bb2137a29944e7e9efc906f23b42a4a",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.267454",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.267454",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.347403",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-06-08T22:00:17.800288+00:00
+2024-06-08T23:55:18.955456+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-06-08T20:15:52.347000+00:00
+2024-06-08T22:15:48.660000+00:00
 ```

 ### Last Data Feed Release
@ -33,15 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-253097
+253098
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `2`
+Recently added CVEs: `1`

- [CVE-2024-4146](CVE-2024/CVE-2024-41xx/CVE-2024-4146.json) (`2024-06-08T20:15:52.117`)
- [CVE-2024-4680](CVE-2024/CVE-2024-46xx/CVE-2024-4680.json) (`2024-06-08T20:15:52.347`)
+- [CVE-2024-5771](CVE-2024/CVE-2024-57xx/CVE-2024-5771.json) (`2024-06-08T22:15:48.660`)


 ### CVEs modified in the last Commit
--- a/_state.csv
+++ b/_state.csv
@ -252124,7 +252124,7 @@ CVE-2024-4140,0,0,bb3e400fe6c4b8cf6821bf141f5d1d6536fc52c547337b85d936fc6d6f95cc
 CVE-2024-4141,0,0,569cd2fcd9188d9eabeb08d432690880975d5549c17482aa7e239fef9c6bb2e6,2024-04-24T19:58:40.710000
 CVE-2024-4142,0,0,6297707db3df670a282f3d4e6720e4836d7467220b5fcc108ef053e6a6308f68,2024-05-02T13:27:25.103000
 CVE-2024-4144,0,0,804f070eb7c147c92dd9f6be5c3d4dba7563c2bc35d2c208518fc5d01b232644,2024-05-14T19:17:55.627000
-CVE-2024-4146,1,1,77c1608f631074e85978e51b0f1275774840b11b9c279d4a356c25da785ac59e,2024-06-08T20:15:52.117000
+CVE-2024-4146,0,0,77c1608f631074e85978e51b0f1275774840b11b9c279d4a356c25da785ac59e,2024-06-08T20:15:52.117000
 CVE-2024-4148,0,0,99472767520f10bad17ca80099c5e2a59b64c04b882cb0fc99c8823f2860bd7b,2024-06-03T14:46:24.250000
 CVE-2024-4150,0,0,faed1039ecc56269b946edc3dde84ea0ad72d4967895c1be6d39f317de75f649,2024-05-14T16:11:39.510000
 CVE-2024-4151,0,0,500903b4f0f30e11a0df3621c175651eac21ce51d803c0af0322e88c41c92b80,2024-05-20T15:17:54.513000
@ -252513,7 +252513,7 @@ CVE-2024-4675,0,0,99967e72c6db427644f71025f45ebd19c1eab605b7a577005e0fc9cbd63578
 CVE-2024-4676,0,0,03b11ebef33b72c901a614142723e2f321de82dd9b411ea63d35e0e5603a1dbe,2024-06-04T19:20:45.727000
 CVE-2024-4677,0,0,4f9a6dbfe0985e347bcfdc5f5094e8d31b426c2eea19d3640641b70b147444d5,2024-06-04T19:20:45.830000
 CVE-2024-4678,0,0,01142dfedc6c508e55644d22f55fc9a4940aaf8f07d20367187d47b4f0bad3bd,2024-06-04T19:20:45.930000
-CVE-2024-4680,1,1,178cd6f020c8e8e31182c49ff0d5f1a0c67d9b92f45d6bd38df461cfe82f75cd,2024-06-08T20:15:52.347000
+CVE-2024-4680,0,0,178cd6f020c8e8e31182c49ff0d5f1a0c67d9b92f45d6bd38df461cfe82f75cd,2024-06-08T20:15:52.347000
 CVE-2024-4681,0,0,cbc732229963bbfca1edc5d61a36a5e284d1f38ffec8898ba583cf654e3600fa,2024-06-04T19:20:46.033000
 CVE-2024-4682,0,0,c25a0dc6cb7913ea1ac2615ef6eb1a11963ee089c245bdcd830e79d2927cdae4,2024-06-04T19:20:46.140000
 CVE-2024-4683,0,0,d6b53bad3485867a856925350aee804f1541a87acce19d197fd49944e1400e44,2024-06-04T19:20:46.247000
@ -253096,3 +253096,4 @@ CVE-2024-5758,0,0,256bdf36325369b4c0dc6f8fe6e02f8840c37558f437c19f80b9b4e84e6dc3
 CVE-2024-5761,0,0,e0022a8d80317cd3941058bae14b514f68707790a5051038049a1d552ba8de69,2024-06-07T19:15:24.467000
 CVE-2024-5766,0,0,b382821a65eefd874d3990e716beed64ed6e05799058a5dbfa1ab76c832644a2,2024-06-08T12:15:10.117000
 CVE-2024-5770,0,0,fe310be1d952d0455f64ae72c485c582bcaeef4aad88d85c194ca59111d07deb,2024-06-08T05:15:40.320000
+CVE-2024-5771,1,1,544c69d557f3f1445d867df7783efe66cb201979ca9a9a489935450045960947,2024-06-08T22:15:48.660000