From b7eb2654758c2df21f244c2111e20f300d532d82 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Fri, 11 Aug 2023 06:00:33 +0000 Subject: [PATCH] Auto-Update: 2023-08-11T06:00:30.177657+00:00 --- CVE-2023/CVE-2023-402xx/CVE-2023-40256.json | 43 +++++++++++++++ README.md | 61 ++------------------- 2 files changed, 49 insertions(+), 55 deletions(-) create mode 100644 CVE-2023/CVE-2023-402xx/CVE-2023-40256.json diff --git a/CVE-2023/CVE-2023-402xx/CVE-2023-40256.json b/CVE-2023/CVE-2023-402xx/CVE-2023-40256.json new file mode 100644 index 00000000000..4aa0a4b490f --- /dev/null +++ b/CVE-2023/CVE-2023-402xx/CVE-2023-40256.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-40256", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-11T05:15:42.450", + "lastModified": "2023-08-11T05:15:42.450", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was discovered in Veritas NetBackup Snapshot Manager before 10.2.0.1 that allowed untrusted clients to interact with the RabbitMQ service. This was caused by improper validation of the client certificate due to misconfiguration of the RabbitMQ service. Exploiting this impacts the confidentiality and integrity of messages controlling the backup and restore jobs, and could result in the service becoming unavailable. This impacts only the jobs controlling the backup and restore activities, and does not allow access to (or deletion of) the backup snapshot data itself. This vulnerability is confined to the NetBackup Snapshot Manager feature and does not impact the RabbitMQ instance on the NetBackup primary servers." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://www.veritas.com/content/support/en_US/security/VTS23-011", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 456b97f6630..21d3ae2786a 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-08-11T04:00:28.912696+00:00 +2023-08-11T06:00:30.177657+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-08-11T03:44:51.127000+00:00 +2023-08-11T05:15:42.450000+00:00 ``` ### Last Data Feed Release @@ -29,69 +29,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -222430 +222431 ``` ### CVEs added in the last Commit -Recently added CVEs: `79` +Recently added CVEs: `1` -* [CVE-2023-28711](CVE-2023/CVE-2023-287xx/CVE-2023-28711.json) (`2023-08-11T03:15:25.803`) -* [CVE-2023-28714](CVE-2023/CVE-2023-287xx/CVE-2023-28714.json) (`2023-08-11T03:15:25.880`) -* [CVE-2023-28736](CVE-2023/CVE-2023-287xx/CVE-2023-28736.json) (`2023-08-11T03:15:25.950`) -* [CVE-2023-28823](CVE-2023/CVE-2023-288xx/CVE-2023-28823.json) (`2023-08-11T03:15:26.530`) -* [CVE-2023-28938](CVE-2023/CVE-2023-289xx/CVE-2023-28938.json) (`2023-08-11T03:15:27.257`) -* [CVE-2023-29151](CVE-2023/CVE-2023-291xx/CVE-2023-29151.json) (`2023-08-11T03:15:27.830`) -* [CVE-2023-29243](CVE-2023/CVE-2023-292xx/CVE-2023-29243.json) (`2023-08-11T03:15:27.927`) -* [CVE-2023-29494](CVE-2023/CVE-2023-294xx/CVE-2023-29494.json) (`2023-08-11T03:15:30.820`) -* [CVE-2023-29500](CVE-2023/CVE-2023-295xx/CVE-2023-29500.json) (`2023-08-11T03:15:31.163`) -* [CVE-2023-30760](CVE-2023/CVE-2023-307xx/CVE-2023-30760.json) (`2023-08-11T03:15:31.437`) -* [CVE-2023-31246](CVE-2023/CVE-2023-312xx/CVE-2023-31246.json) (`2023-08-11T03:15:31.570`) -* [CVE-2023-32285](CVE-2023/CVE-2023-322xx/CVE-2023-32285.json) (`2023-08-11T03:15:31.647`) -* [CVE-2023-32543](CVE-2023/CVE-2023-325xx/CVE-2023-32543.json) (`2023-08-11T03:15:31.907`) -* [CVE-2023-32547](CVE-2023/CVE-2023-325xx/CVE-2023-32547.json) (`2023-08-11T03:15:32.230`) -* [CVE-2023-32609](CVE-2023/CVE-2023-326xx/CVE-2023-32609.json) (`2023-08-11T03:15:32.403`) -* [CVE-2023-32617](CVE-2023/CVE-2023-326xx/CVE-2023-32617.json) (`2023-08-11T03:15:32.687`) -* [CVE-2023-32656](CVE-2023/CVE-2023-326xx/CVE-2023-32656.json) (`2023-08-11T03:15:32.840`) -* [CVE-2023-32663](CVE-2023/CVE-2023-326xx/CVE-2023-32663.json) (`2023-08-11T03:15:32.987`) -* [CVE-2023-33867](CVE-2023/CVE-2023-338xx/CVE-2023-33867.json) (`2023-08-11T03:15:33.290`) -* [CVE-2023-33877](CVE-2023/CVE-2023-338xx/CVE-2023-33877.json) (`2023-08-11T03:15:33.520`) -* [CVE-2023-34086](CVE-2023/CVE-2023-340xx/CVE-2023-34086.json) (`2023-08-11T03:15:33.763`) -* [CVE-2023-34349](CVE-2023/CVE-2023-343xx/CVE-2023-34349.json) (`2023-08-11T03:15:34.000`) -* [CVE-2023-34355](CVE-2023/CVE-2023-343xx/CVE-2023-34355.json) (`2023-08-11T03:15:34.240`) -* [CVE-2023-34427](CVE-2023/CVE-2023-344xx/CVE-2023-34427.json) (`2023-08-11T03:15:34.447`) -* [CVE-2023-34438](CVE-2023/CVE-2023-344xx/CVE-2023-34438.json) (`2023-08-11T03:15:34.693`) +* [CVE-2023-40256](CVE-2023/CVE-2023-402xx/CVE-2023-40256.json) (`2023-08-11T05:15:42.450`) ### CVEs modified in the last Commit -Recently modified CVEs: `38` +Recently modified CVEs: `0` -* [CVE-2023-23342](CVE-2023/CVE-2023-233xx/CVE-2023-23342.json) (`2023-08-11T03:44:51.127`) -* [CVE-2023-32566](CVE-2023/CVE-2023-325xx/CVE-2023-32566.json) (`2023-08-11T03:44:51.127`) -* [CVE-2023-32567](CVE-2023/CVE-2023-325xx/CVE-2023-32567.json) (`2023-08-11T03:44:51.127`) -* [CVE-2023-35085](CVE-2023/CVE-2023-350xx/CVE-2023-35085.json) (`2023-08-11T03:44:51.127`) -* [CVE-2023-38034](CVE-2023/CVE-2023-380xx/CVE-2023-38034.json) (`2023-08-11T03:44:51.127`) -* [CVE-2023-28129](CVE-2023/CVE-2023-281xx/CVE-2023-28129.json) (`2023-08-11T03:44:51.127`) -* [CVE-2023-32560](CVE-2023/CVE-2023-325xx/CVE-2023-32560.json) (`2023-08-11T03:44:51.127`) -* [CVE-2023-32561](CVE-2023/CVE-2023-325xx/CVE-2023-32561.json) (`2023-08-11T03:44:51.127`) -* [CVE-2023-32562](CVE-2023/CVE-2023-325xx/CVE-2023-32562.json) (`2023-08-11T03:44:51.127`) -* [CVE-2023-32563](CVE-2023/CVE-2023-325xx/CVE-2023-32563.json) (`2023-08-11T03:44:51.127`) -* [CVE-2023-32564](CVE-2023/CVE-2023-325xx/CVE-2023-32564.json) (`2023-08-11T03:44:51.127`) -* [CVE-2023-32565](CVE-2023/CVE-2023-325xx/CVE-2023-32565.json) (`2023-08-11T03:44:51.127`) -* [CVE-2023-37625](CVE-2023/CVE-2023-376xx/CVE-2023-37625.json) (`2023-08-11T03:44:51.127`) -* [CVE-2023-39805](CVE-2023/CVE-2023-398xx/CVE-2023-39805.json) (`2023-08-11T03:44:51.127`) -* [CVE-2023-39806](CVE-2023/CVE-2023-398xx/CVE-2023-39806.json) (`2023-08-11T03:44:51.127`) -* [CVE-2023-40014](CVE-2023/CVE-2023-400xx/CVE-2023-40014.json) (`2023-08-11T03:44:51.127`) -* [CVE-2023-40224](CVE-2023/CVE-2023-402xx/CVE-2023-40224.json) (`2023-08-11T03:44:51.127`) -* [CVE-2023-38333](CVE-2023/CVE-2023-383xx/CVE-2023-38333.json) (`2023-08-11T03:44:51.127`) -* [CVE-2023-40225](CVE-2023/CVE-2023-402xx/CVE-2023-40225.json) (`2023-08-11T03:44:51.127`) -* [CVE-2023-40235](CVE-2023/CVE-2023-402xx/CVE-2023-40235.json) (`2023-08-11T03:44:51.127`) -* [CVE-2023-35179](CVE-2023/CVE-2023-351xx/CVE-2023-35179.json) (`2023-08-11T03:44:51.127`) -* [CVE-2023-37511](CVE-2023/CVE-2023-375xx/CVE-2023-37511.json) (`2023-08-11T03:44:51.127`) -* [CVE-2023-37512](CVE-2023/CVE-2023-375xx/CVE-2023-37512.json) (`2023-08-11T03:44:51.127`) -* [CVE-2023-37513](CVE-2023/CVE-2023-375xx/CVE-2023-37513.json) (`2023-08-11T03:44:51.127`) -* [CVE-2023-4304](CVE-2023/CVE-2023-43xx/CVE-2023-4304.json) (`2023-08-11T03:44:51.127`) ## Download and Usage