admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-09-18T16:00:48.018437+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-09-18 16:03:46 +00:00
parent 9d6c4d23b5
commit b84c21a834
139 changed files with 11405 additions and 257 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
CVE-2022/CVE-2022-257xx/CVE-2022-25769.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2022-25769",
"sourceIdentifier": "security@mautic.org",
"published": "2024-09-18T15:15:13.060",
"lastModified": "2024-09-18T15:15:13.060",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ImpactThe default .htaccess file has some restrictions in the access to PHP files to only allow specific PHP files to be executed in the root of the application.\n\nThis logic isn't correct, as the regex in the second FilesMatch only checks the filename, not the full path."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@mautic.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "security@mautic.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1284"
}
]
}
],
"references": [
{
"url": "https://github.com/mautic/mautic/security/advisories/GHSA-mj6m-246h-9w56",
"source": "security@mautic.org"
},
{
"url": "https://www.mautic.org/blog/community/mautic-4-2-one-small-step-mautic",
"source": "security@mautic.org"
}
]
}

56
CVE-2022/CVE-2022-257xx/CVE-2022-25774.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2022-25774",
"sourceIdentifier": "security@mautic.org",
"published": "2024-09-18T15:15:13.253",
"lastModified": "2024-09-18T15:15:13.253",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Prior to the patched version, logged in users of Mautic are vulnerable to a self XSS vulnerability in the notifications within Mautic.\n\nUsers could inject malicious code into the notification when saving Dashboards."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@mautic.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@mautic.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/mautic/mautic/security/advisories/GHSA-fhcx-f7jg-jx3f",
"source": "security@mautic.org"
}
]
}

56
CVE-2022/CVE-2022-257xx/CVE-2022-25775.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2022-25775",
"sourceIdentifier": "security@mautic.org",
"published": "2024-09-18T15:15:13.440",
"lastModified": "2024-09-18T15:15:13.440",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Prior to the patched version, logged in users of Mautic are vulnerable to an SQL injection vulnerability in the Reports bundle.\n\nThe user could retrieve and alter data like sensitive data, login, and depending on database permission the attacker can manipulate file systems."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@mautic.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@mautic.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/mautic/mautic/security/advisories/GHSA-jj6w-2cqg-7p94",
"source": "security@mautic.org"
}
]
}

56
CVE-2022/CVE-2022-257xx/CVE-2022-25776.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2022-25776",
"sourceIdentifier": "security@mautic.org",
"published": "2024-09-18T15:15:13.620",
"lastModified": "2024-09-18T15:15:13.620",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Prior to the patched version, logged in users of Mautic are able to access areas of the application that they should be prevented from accessing.\n\nUsers could potentially access sensitive data such as names and surnames, company names and stage names."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@mautic.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "security@mautic.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"references": [
{
"url": "https://github.com/mautic/mautic/security/advisories/GHSA-qjx3-2g35-6hv8",
"source": "security@mautic.org"
}
]
}

135
CVE-2022/CVE-2022-487xx/CVE-2022-48756.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48756",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-06-20T12:15:13.740",
"lastModified": "2024-06-20T12:43:25.663",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-18T15:59:50.983",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,35 +15,150 @@
"value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: drm/msm/dsi: comprobaci\u00f3n de par\u00e1metro no v\u00e1lido en msm_dsi_phy_enable La funci\u00f3n realiza una comprobaci\u00f3n del par\u00e1metro de entrada \"phy\", sin embargo, se utiliza antes de la comprobaci\u00f3n. Inicialice la variable \"dev\" despu\u00e9s de la verificaci\u00f3n de cordura para evitar una posible desreferencia del puntero NULL. Direcciones-Coverity-ID: 1493860 (\"Desreferencia de puntero nulo\")"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3",
"versionEndExcluding": "4.14.265",
"matchCriteriaId": "B72F14E6-57AC-4FFD-A66C-6C9F2831248F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.228",
"matchCriteriaId": "87288F16-8DE4-4680-95D9-8601B47620D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.176",
"matchCriteriaId": "581D4C61-D3FC-4DB2-85E3-EE596EEBA89E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.96",
"matchCriteriaId": "27A6621A-A196-4220-957F-334B9124E477"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.19",
"matchCriteriaId": "DF69DD7C-FD57-4914-ABB0-FAEF87B0289D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.5",
"matchCriteriaId": "1AD9E77E-B27E-450C-8FD8-B64EC5FB002D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/2b7e7df1eacd280e561ede3e977853606871c951",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/56480fb10b976581a363fd168dc2e4fbee87a1a7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/581317b1f001b7509041544d7019b75571daa100",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5e761a2287234bc402ba7ef07129f5103bcd775c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6d9f8ba28f3747ca0f910a363e46f1114856dbbe",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/79c0b5287ded74f4eacde4dfd8aa0a76cbd853b5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ca63eeb70fcb53c42e1fe54e1735a54d8e7759fd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

25
CVE-2023/CVE-2023-284xx/CVE-2023-28451.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2023-28451",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T15:15:13.900",
"lastModified": "2024-09-18T15:15:13.900",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Technitium 11.0.2. There is a vulnerability (called BadDNS) in DNS resolving software, which triggers a resolver to ignore valid responses, thus causing DoS (denial of service) for normal resolution. The effects of an exploit would be widespread and highly impactful, because the attacker could just forge a response targeting the source port of a vulnerable resolver without the need to guess the correct TXID."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/idealeer/89947ca07836fd0f7e9761198ca9a0f3.",
"source": "cve@mitre.org"
},
{
"url": "https://technitium.com/dns/",
"source": "cve@mitre.org"
}
]
}

25
CVE-2023/CVE-2023-284xx/CVE-2023-28452.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2023-28452",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T15:15:13.957",
"lastModified": "2024-09-18T15:15:13.957",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in CoreDNS through 1.10.1. There is a vulnerability in DNS resolving software, which triggers a resolver to ignore valid responses, thus causing denial of service for normal resolution. In an exploit, the attacker could just forge a response targeting the source port of a vulnerable resolver without the need to guess the correct TXID."
}
],
"metrics": {},
"references": [
{
"url": "https://coredns.io/",
"source": "cve@mitre.org"
},
{
"url": "https://gist.github.com/idealeer/e41c7fb3b661d4262d0b6f21e12168ba",
"source": "cve@mitre.org"
}
]
}

25
CVE-2023/CVE-2023-284xx/CVE-2023-28455.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2023-28455",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T15:15:14.020",
"lastModified": "2024-09-18T15:15:14.020",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Technitium through 11.0.2. The forwarding mode enables attackers to create a query loop using Technitium resolvers, launching amplification attacks and causing potential DoS."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/idealeer/89947ca07836fd0f7e9761198ca9a0f3",
"source": "cve@mitre.org"
},
{
"url": "https://technitium.com/dns/",
"source": "cve@mitre.org"
}
]
}

25
CVE-2023/CVE-2023-284xx/CVE-2023-28456.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2023-28456",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T15:15:14.083",
"lastModified": "2024-09-18T15:15:14.083",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Technitium through 11.0.2. It enables attackers to launch amplification attacks (3 times more than other \"golden model\" software like BIND) and cause potential DoS."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/idealeer/89947ca07836fd0f7e9761198ca9a0f3",
"source": "cve@mitre.org"
},
{
"url": "https://technitium.com/dns/",
"source": "cve@mitre.org"
}
]
}

25
CVE-2023/CVE-2023-284xx/CVE-2023-28457.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2023-28457",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T15:15:14.143",
"lastModified": "2024-09-18T15:15:14.143",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Technitium through 11.0.3. It enables attackers to conduct a DNS cache poisoning attack and inject fake responses within 1 second, which is impactful."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/idealeer/89947ca07836fd0f7e9761198ca9a0f3",
"source": "cve@mitre.org"
},
{
"url": "https://technitium.com/dns/",
"source": "cve@mitre.org"
}
]
}

62
CVE-2023/CVE-2023-372xx/CVE-2023-37232.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37232",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-10T16:15:18.497",
"lastModified": "2024-09-10T20:35:01.567",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-18T15:55:43.113",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,14 +81,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:loftware:spectrum:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.6",
"matchCriteriaId": "A52A66B4-E2ED-498B-8D00-FCC80577738A"
}
]
}
]
}
],
"references": [
{
"url": "https://code-white.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "https://code-white.com/public-vulnerability-list/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

25
CVE-2023/CVE-2023-492xx/CVE-2023-49203.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2023-49203",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T15:15:14.513",
"lastModified": "2024-09-18T15:15:14.513",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Technitium 11.5.3 allows remote attackers to cause a denial of service (bandwidth amplification) because the DNSBomb manipulation causes accumulation of low-rate DNS queries such that there is a large-sized response in a burst of traffic."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/idealeer/89947ca07836fd0f7e9761198ca9a0f3.",
"source": "cve@mitre.org"
},
{
"url": "https://technitium.com/dns/",
"source": "cve@mitre.org"
}
]
}

57
CVE-2024/CVE-2024-01xx/CVE-2024-0109.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0109",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2024-08-31T09:15:05.140",
"lastModified": "2024-09-03T12:59:02.453",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-18T15:18:06.117",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -51,10 +81,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:cuda_toolkit:*:*:*:*:*:*:*:*",
"versionEndIncluding": "12.6.0",
"matchCriteriaId": "D738AEA3-D35A-4153-922B-AB6882706662"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5564",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2024/CVE-2024-01xx/CVE-2024-0110.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0110",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2024-08-31T09:15:05.990",
"lastModified": "2024-09-03T12:59:02.453",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-18T15:16:37.990",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -51,10 +81,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:cuda_toolkit:*:*:*:*:*:*:*:*",
"versionEndIncluding": "12.6.0",
"matchCriteriaId": "D738AEA3-D35A-4153-922B-AB6882706662"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5564",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

6
CVE-2024/CVE-2024-01xx/CVE-2024-0111.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-0111",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2024-08-31T09:15:06.593",
"lastModified": "2024-09-13T18:47:02.913",
"lastModified": "2024-09-18T15:22:14.727",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -91,8 +91,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:cuda_toolkit:*:*:*:*:*:*:*:*",
"versionEndIncluding": "12.6",
"matchCriteriaId": "5F98DC3E-765E-4F48-9F43-26A90272E497"
"versionEndIncluding": "12.6.0",
"matchCriteriaId": "D738AEA3-D35A-4153-922B-AB6882706662"
}
]
}

125
CVE-2024/CVE-2024-211xx/CVE-2024-21144.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21144",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2024-07-16T23:15:15.810",
"lastModified": "2024-07-19T14:15:05.497",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-18T15:15:42.963",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,7 +18,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -36,17 +36,132 @@
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
},
{
"source": "secalert_us@oracle.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:java_jdk:1.8.0:update411:*:*:-:*:*:*",
"matchCriteriaId": "0CBFE7F8-2C34-4A8B-8943-5720C841155B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:java_jdk:1.8.0:update411:*:*:enterprise_performance_pack:*:*:*",
"matchCriteriaId": "F3441A33-4B6A-4519-B9BC-85B4FD3EA1A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:java_jdk:11.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "60E1FB80-1E78-4B8B-B06A-241CE47A2FAB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:java_jre:1.8.0:update411:*:*:-:*:*:*",
"matchCriteriaId": "1F271E0A-1B19-4126-A34C-26FC2CA21D0D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:java_jre:1.8.0:update411:*:*:enterprise_performance_pack:*:*:*",
"matchCriteriaId": "A5426759-CA79-4B2D-8286-A9BA173EC998"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:java_jre:11.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "7E21DF85-DA91-484B-80C0-0DCFEDD57727"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:graalvm:20.3.14:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "AA5074F2-F35B-499E-A181-E272449B044D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:graalvm:21.3.10:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "39F28D35-48E1-450D-884A-D2578C99E8EC"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20240719-0007/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2024.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}

168
CVE-2024/CVE-2024-211xx/CVE-2024-21145.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21145",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2024-07-16T23:15:15.993",
"lastModified": "2024-07-19T14:15:05.580",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-18T15:16:36.450",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,14 +39,174 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:graalvm:20.3.14:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "AA5074F2-F35B-499E-A181-E272449B044D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:graalvm:21.3.10:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "39F28D35-48E1-450D-884A-D2578C99E8EC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:graalvm:22.0.1:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "CD50990D-63DE-412F-B370-0568EA8B32FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E104024C-15B5-4EFB-A26B-C69D303933CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CAEB1A60-678D-4BAF-9D95-43C9DCFC8D68"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD14A144-2CA9-498E-84B9-87733E33C602"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:java_jdk:1.8.0:update411:*:*:-:*:*:*",
"matchCriteriaId": "0CBFE7F8-2C34-4A8B-8943-5720C841155B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:java_jdk:1.8.0:update411:*:*:enterprise_performance_pack:*:*:*",
"matchCriteriaId": "F3441A33-4B6A-4519-B9BC-85B4FD3EA1A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:java_jdk:11.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "60E1FB80-1E78-4B8B-B06A-241CE47A2FAB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:java_jdk:17.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "317C563B-D4F6-4C38-A3D0-2815291AD5F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:java_jdk:21.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE37231-1FAC-4BE4-BAC3-0937525B8F38"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:java_jdk:22.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "08FC2228-C735-4F02-B630-C422A0F8D1F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:java_jre:1.8.0:update411:*:*:-:*:*:*",
"matchCriteriaId": "1F271E0A-1B19-4126-A34C-26FC2CA21D0D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:java_jre:1.8.0:update411:*:*:enterprise_performance_pack:*:*:*",
"matchCriteriaId": "A5426759-CA79-4B2D-8286-A9BA173EC998"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:java_jre:11.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "7E21DF85-DA91-484B-80C0-0DCFEDD57727"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:java_jre:17.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "935396EC-976B-4709-A943-7199C1E31588"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:java_jre:21.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0EFFE042-24EE-49DE-952F-B7F702430772"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:java_jre:22.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D31B0898-19FD-4662-BCF5-87058EFBFEAE"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:bluexp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC1AE8BD-EE3F-494C-9F03-D4B2B7233106"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:cloud_insights_storage_workload_security_agent:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B199052-5732-4726-B06B-A12C70DFB891"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20240719-0008/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2024.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}

56
CVE-2024/CVE-2024-239xx/CVE-2024-23915.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-23915",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:12.580",
"lastModified": "2024-09-18T14:15:12.580",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routines fluid_msg::of13::InstructionSet::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-690"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-23915",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-239xx/CVE-2024-23916.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-23916",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:12.790",
"lastModified": "2024-09-18T14:15:12.790",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routines fluid_msg::ActionSet::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-690"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-23916",
"source": "prodsec@nozominetworks.com"
}
]
}

65
CVE-2024/CVE-2024-289xx/CVE-2024-28982.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28982",
"sourceIdentifier": "security.vulnerabilities@hitachivantara.com",
"published": "2024-06-26T23:15:19.287",
"lastModified": "2024-06-27T12:47:19.847",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-18T14:36:53.710",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
},
{
"source": "security.vulnerabilities@hitachivantara.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-776"
}
]
},
{
"source": "security.vulnerabilities@hitachivantara.com",
"type": "Secondary",
@ -51,10 +81,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hitachi:pentaho_business_analytics_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.3.0",
"versionEndExcluding": "9.3.0.7",
"matchCriteriaId": "9A2AC542-B90F-4FF4-A92E-9D6B16CFC68D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hitachi:pentaho_business_analytics_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.3.1.0",
"versionEndExcluding": "10.1.0.0",
"matchCriteriaId": "BBB989D9-613E-472B-9F38-DF5C9F19873C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.pentaho.com/hc/en-us/articles/27569195609869--Resolved-Hitachi-Vantara-Pentaho-Business-Analytics-Server-Improper-Restriction-of-XML-External-Entity-Reference-versions-before-10-1-0-0-and-9-3-0-7-including-8-3-x-Impacted-CVE-2024-28982",
"source": "security.vulnerabilities@hitachivantara.com"
"source": "security.vulnerabilities@hitachivantara.com",
"tags": [
"Vendor Advisory"
]
}
]
}

65
CVE-2024/CVE-2024-289xx/CVE-2024-28983.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28983",
"sourceIdentifier": "security.vulnerabilities@hitachivantara.com",
"published": "2024-06-26T23:15:19.597",
"lastModified": "2024-06-27T12:47:19.847",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-18T14:36:16.267",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security.vulnerabilities@hitachivantara.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security.vulnerabilities@hitachivantara.com",
"type": "Secondary",
@ -51,10 +81,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hitachi:business_analytics_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.3.0",
"versionEndExcluding": "9.3.0.7",
"matchCriteriaId": "5B123B7B-28AF-4B23-B6BC-0E4ECA161759"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hitachi:business_analytics_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.3.1.0",
"versionEndExcluding": "10.1.0.0",
"matchCriteriaId": "7648F088-BF64-4A98-9CE5-9D5AD2B740CE"
}
]
}
]
}
],
"references": [
{
"url": "https://support.pentaho.com/hc/en-us/articles/27569257123725-Hitachi-Vantara-Pentaho-Business-Analytics-Server-Improper-Neutralization-of-Input-During-Web-Page-Generation-Cross-site-Scripting-Versions-before-10-1-0-0-and-9-3-0-7-including-8-3-x-Impacted-CVE-2024-28983",
"source": "security.vulnerabilities@hitachivantara.com"
"source": "security.vulnerabilities@hitachivantara.com",
"tags": [
"Vendor Advisory"
]
}
]
}

64
CVE-2024/CVE-2024-289xx/CVE-2024-28984.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28984",
"sourceIdentifier": "security.vulnerabilities@hitachivantara.com",
"published": "2024-06-26T23:15:19.800",
"lastModified": "2024-06-27T12:47:19.847",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-18T15:22:51.163",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security.vulnerabilities@hitachivantara.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security.vulnerabilities@hitachivantara.com",
"type": "Secondary",
@ -51,10 +81,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hitachi:pentaho_business_analytics_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.3.0.7",
"matchCriteriaId": "3DE39640-6A34-4784-B1D3-DD59AE1AF9B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hitachi:pentaho_business_analytics_server:*:*:*:*:*:*:*:*",
"versionStartExcluding": "9.3.1.0",
"versionEndExcluding": "10.1.0.0",
"matchCriteriaId": "C89A32E2-88F6-48D6-9F4A-3344FFAC045C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.pentaho.com/hc/en-us/articles/27569319605901-Hitachi-Vantara-Pentaho-Business-Analytics-Server-Improper-Neutralization-of-Input-During-Web-Page-Generation-Cross-site-Scripting-Versions-before-10-1-0-0-and-9-3-0-7-including-8-3-x-Impacted-CVE-2024-28984",
"source": "security.vulnerabilities@hitachivantara.com"
"source": "security.vulnerabilities@hitachivantara.com",
"tags": [
"Vendor Advisory"
]
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31164.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31164",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:12.967",
"lastModified": "2024-09-18T14:15:12.967",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routines fluid_msg::ActionList::unpack13.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-690"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31164",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31165.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31165",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:13.147",
"lastModified": "2024-09-18T14:15:13.147",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::SetFieldAction::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-690"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31165",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31166.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31166",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:13.327",
"lastModified": "2024-09-18T14:15:13.327",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::HelloElemVersionBitmap::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31166",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31167.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31167",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:13.507",
"lastModified": "2024-09-18T14:15:13.507",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::QueuePropertyList::unpack13.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-690"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31167",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31168.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31168",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:13.683",
"lastModified": "2024-09-18T14:15:13.683",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::EchoCommon::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31168",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31169.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31169",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:13.860",
"lastModified": "2024-09-18T14:15:13.860",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of10::QueueGetConfigReply::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31169",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31170.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31170",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:14.037",
"lastModified": "2024-09-18T14:15:14.037",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of10::StatsReplyQueue::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31170",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31171.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31171",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:14.210",
"lastModified": "2024-09-18T14:15:14.210",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of10::StatsReplyPort::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31171",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31172.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31172",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:14.387",
"lastModified": "2024-09-18T14:15:14.387",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of10::StatsReplyTable::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31172",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31173.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31173",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:14.557",
"lastModified": "2024-09-18T14:15:14.557",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of10::StatsReplyFlow::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31173",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31174.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31174",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:14.730",
"lastModified": "2024-09-18T14:15:14.730",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of10::FeaturesReply::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31174",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31175.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31175",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:14.927",
"lastModified": "2024-09-18T14:15:14.927",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::TablePropertiesList::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-690"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31175",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31176.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31176",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:15.100",
"lastModified": "2024-09-18T14:15:15.100",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::TableFeaturePropOXM::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31176",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31177.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31177",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:15.283",
"lastModified": "2024-09-18T14:15:15.283",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg modules). This vulnerability is associated with program routines fluid_msg::of13::TableFeaturePropActions::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31177",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31178.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31178",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:15.460",
"lastModified": "2024-09-18T14:15:15.460",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::TableFeaturePropNextTables::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31178",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31179.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31179",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:15.633",
"lastModified": "2024-09-18T14:15:15.633",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::TableFeaturePropInstruction::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31179",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31180.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31180",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:15.820",
"lastModified": "2024-09-18T14:15:15.820",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::GroupDesc::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31180",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31181.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31181",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:16.000",
"lastModified": "2024-09-18T14:15:16.000",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::GroupStats::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31181",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31182.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31182",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:16.193",
"lastModified": "2024-09-18T14:15:16.193",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::QueuePropertyList::unpack10.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-690"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31182",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31183.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31183",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:16.377",
"lastModified": "2024-09-18T14:15:16.377",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::Hello::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31183",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31184.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31184",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:16.550",
"lastModified": "2024-09-18T14:15:16.550",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::MeterStats::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31184",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31185.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31185",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:16.727",
"lastModified": "2024-09-18T14:15:16.727",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::MeterBandList::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-690"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31185",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31186.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31186",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:16.953",
"lastModified": "2024-09-18T14:15:16.953",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::QueueGetConfigReply::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31186",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31187.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31187",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:17.173",
"lastModified": "2024-09-18T14:15:17.173",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyPortDescription::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31187",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31188.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31188",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:17.403",
"lastModified": "2024-09-18T14:15:17.403",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyTableFeatures::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31188",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31189.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31189",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:17.593",
"lastModified": "2024-09-18T14:15:17.593",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartRequestTableFeatures::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31189",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31190.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31190",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:18.017",
"lastModified": "2024-09-18T14:15:18.017",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeterConfig::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31190",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31191.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31191",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:18.290",
"lastModified": "2024-09-18T14:15:18.290",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeter::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31191",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31192.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31192",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:18.470",
"lastModified": "2024-09-18T14:15:18.470",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroupDesc::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31192",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31193.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31193",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:18.647",
"lastModified": "2024-09-18T14:15:18.647",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroup::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31193",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31194.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31194",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:18.827",
"lastModified": "2024-09-18T14:15:18.827",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyPortStats::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31194",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31195.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31195",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:19.000",
"lastModified": "2024-09-18T14:15:19.000",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyTable::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31195",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31196.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31196",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:19.190",
"lastModified": "2024-09-18T14:15:19.190",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::ActionList::unpack10.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-690"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31196",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31197.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31197",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:19.367",
"lastModified": "2024-09-18T14:15:19.367",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Null Termination vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of10::Port:unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-170"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31197",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-311xx/CVE-2024-31198.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31198",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-09-18T14:15:19.550",
"lastModified": "2024-09-18T14:15:19.550",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of10::Port:unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31198",
"source": "prodsec@nozominetworks.com"
}
]
}

56
CVE-2024/CVE-2024-340xx/CVE-2024-34026.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-34026",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-09-18T15:15:14.623",
"lastModified": "2024-09-18T15:15:14.623",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability exists in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC _v3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted EtherNet/IP request can lead to remote code execution. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.2,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2005",
"source": "talos-cna@cisco.com"
}
]
}

83
CVE-2024/CVE-2024-352xx/CVE-2024-35234.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35234",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-03T19:15:04.123",
"lastModified": "2024-07-05T12:55:51.367",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-18T14:47:38.370",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -51,18 +81,61 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:*:*:*:*:stable:*:*:*",
"versionEndExcluding": "3.2.3",
"matchCriteriaId": "8F15A89F-6283-4B24-801E-E415FF5A4272"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:*:*:*:*:beta:*:*:*",
"versionEndExcluding": "3.3.0",
"matchCriteriaId": "4EBDB0A9-6C68-4FC5-81CD-5E1B042DD60C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.3.0:beta1:*:*:beta:*:*:*",
"matchCriteriaId": "4FE1C6B5-D21B-46CC-A889-EECE10A7130A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.3.0:beta2:*:*:beta:*:*:*",
"matchCriteriaId": "51C031F6-729E-4560-B33D-382177F2DB7D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/discourse/discourse/commit/26aef0c288839378b9de5819e96eac8cf4ea60fd",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/discourse/discourse/commit/311b737c910cf0a69f61e1b8bc0b78374b6619d2",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/discourse/discourse/security/advisories/GHSA-5chg-hm8c-wc58",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}

25
CVE-2024/CVE-2024-355xx/CVE-2024-35515.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-35515",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T15:15:14.843",
"lastModified": "2024-09-18T15:15:14.843",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insecure deserialization in sqlitedict up to v2.1.0 allows attackers to execute arbitrary code."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/piskvorky/sqlitedict/",
"source": "cve@mitre.org"
},
{
"url": "https://wha13.github.io/2024/06/13/mfcve/",
"source": "cve@mitre.org"
}
]
}

83
CVE-2024/CVE-2024-361xx/CVE-2024-36113.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-36113",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-03T19:15:04.523",
"lastModified": "2024-07-05T12:55:51.367",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-18T14:44:33.187",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -51,18 +81,61 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:*:*:*:*:stable:*:*:*",
"versionEndExcluding": "3.2.3",
"matchCriteriaId": "8F15A89F-6283-4B24-801E-E415FF5A4272"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:*:*:*:*:beta:*:*:*",
"versionEndExcluding": "3.3.0",
"matchCriteriaId": "4EBDB0A9-6C68-4FC5-81CD-5E1B042DD60C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.3.0:beta1:*:*:beta:*:*:*",
"matchCriteriaId": "4FE1C6B5-D21B-46CC-A889-EECE10A7130A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.3.0:beta2:*:*:beta:*:*:*",
"matchCriteriaId": "51C031F6-729E-4560-B33D-382177F2DB7D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/discourse/discourse/commit/8470546f59b04bd82ce9b711406758fd5439936d",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/discourse/discourse/commit/9c4a5f39d3ad351410a1453ff5e5f7ffce17cd7e",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/discourse/discourse/security/advisories/GHSA-3w3f-76p7-3c4g",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}

63
CVE-2024/CVE-2024-367xx/CVE-2024-36736.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-36736",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-06T18:15:16.560",
"lastModified": "2024-06-07T14:56:05.647",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-18T15:06:23.837",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,11 +15,66 @@
"value": "Un problema en el componente oneflow.permute de OneFlow-Inc. Oneflow v0.9.1 provoca un c\u00e1lculo incorrecto cuando se realiza la misma operaci\u00f3n de dimensi\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-682"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oneflow:oneflow:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E8058A82-101A-4B97-9169-0EEFDB712EA8"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/Redmept1on/6de04fb6c7af6956973fe2765c4d4576",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2024/CVE-2024-369xx/CVE-2024-36980.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-36980",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-09-18T15:15:14.903",
"lastModified": "2024-09-18T15:15:14.903",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read vulnerability exists in the OpenPLC Runtime EtherNet/IP PCCC parser functionality of OpenPLC_v3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted network request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.This is the first instance of the incorrect comparison."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2004",
"source": "talos-cna@cisco.com"
}
]
}

56
CVE-2024/CVE-2024-369xx/CVE-2024-36981.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-36981",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-09-18T15:15:15.110",
"lastModified": "2024-09-18T15:15:15.110",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read vulnerability exists in the OpenPLC Runtime EtherNet/IP PCCC parser functionality of OpenPLC_v3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted network request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.This is the final instance of the incorrect comparison."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2004",
"source": "talos-cna@cisco.com"
}
]
}

799
CVE-2024/CVE-2024-379xx/CVE-2024-37990.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-37990",
"sourceIdentifier": "productcert@siemens.com",
"published": "2024-09-10T10:15:10.227",
"lastModified": "2024-09-10T12:09:50.377",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-18T15:27:53.563",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -85,8 +105,18 @@
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -95,10 +125,771 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "D8930F2B-7C37-4059-85FC-0316B631C860"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63F05227-208B-42C8-8D56-A5D106CAD32F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1",
"matchCriteriaId": "CC216594-D56B-454D-BD2C-50631B8C8F9C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8AD128-F6E2-45BD-9098-EC559D193194"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1",
"matchCriteriaId": "11F4F714-F802-4D13-A965-0A22B80DA9D0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA20BB5-024E-4389-A0FE-C218E15D31A8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "F61801B9-80FD-45EC-9A20-5C703CB8BE76"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76F5073F-CAE9-4071-9C86-2B29FB529A49"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "058EDB3A-31B8-482F-B825-B0A7E192356E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D00C8A81-53EB-425F-A730-AC7505285B73"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "62FC4D21-B225-4349-A8E8-68780CC465D1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C8FC67-825D-4E55-8341-E449EA98B6AD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "1E84B475-1FB7-4BF1-880B-8DB5137BB941"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFAA7370-1B78-4AF8-8358-830460A5E81C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "970B3705-6172-4C00-B402-30A7F23C5A08"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D5F6C3-3AC5-40F2-B755-130E24169AB3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "7D261FBC-1E4C-4016-AD0E-F234EE36F09A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08729226-19DB-410A-A764-B84E5213839D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "B5B465BD-D425-44C7-931C-E6DAABB79B67"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "C1B9A6C1-E7AD-46DE-A0EC-E6E03B957A13"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC372090-E9D1-4CB7-8CDC-8FA439764359"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "6BBDF6C6-A67A-412F-8ACF-27E3AA0EE8E9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "28C49CB8-179A-47B7-9B04-FC214382B643"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70C73C18-EC1D-431A-808F-1C16706B7F26"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "896E8488-0AB0-4C39-9729-1E42F4C28419"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "838474F2-85A2-4315-8F0C-B1AAC9B20373"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "E525612D-8273-42FD-8DAD-D589ED61C9D6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "130361E8-6979-492F-89A3-4EFFF8F5379F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557BB258-1B9D-457F-9573-85439950C361"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "DC98A393-C374-4411-94FE-9832CD8690ED"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C951AC92-DD7E-4C24-BC38-1D041D81691C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "2AA399AA-B0C4-48D5-B5F5-EE7A65D10A95"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C96D63-0711-48F8-ADE2-261FCF306049"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "C902FA6A-3E5D-471C-8513-27FE8BB5B2DC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F85BC978-9C30-4484-B6D7-B7A4543EFDA5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "FA5DA457-347E-4B6B-8003-882BD4D95D64"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "B07B2FDF-E6A5-4E06-9328-01F311E85AF9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "84F1472B-A584-4712-BEF7-7B4BDE166CE2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "D7DB4915-E989-4085-B201-C5CCC86AB924"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "B280EE0D-F3F9-46E3-949F-109844428C35"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "E86AC831-9FB9-4D17-AA06-E68C176F1A23"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "1A27B28F-A037-4730-A0DD-96BB568F4A58"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "D48EE1B0-3010-44F2-AEF9-A3E35BD03971"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "391AD485-A49D-43D0-AAE5-1F58B38D4E22"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
}
]
}

799
CVE-2024/CVE-2024-379xx/CVE-2024-37991.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-37991",
"sourceIdentifier": "productcert@siemens.com",
"published": "2024-09-10T10:15:10.600",
"lastModified": "2024-09-10T12:09:50.377",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-18T15:29:44.390",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -85,8 +105,18 @@
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -95,10 +125,771 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "D8930F2B-7C37-4059-85FC-0316B631C860"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63F05227-208B-42C8-8D56-A5D106CAD32F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1",
"matchCriteriaId": "CC216594-D56B-454D-BD2C-50631B8C8F9C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8AD128-F6E2-45BD-9098-EC559D193194"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1",
"matchCriteriaId": "11F4F714-F802-4D13-A965-0A22B80DA9D0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA20BB5-024E-4389-A0FE-C218E15D31A8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "F61801B9-80FD-45EC-9A20-5C703CB8BE76"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76F5073F-CAE9-4071-9C86-2B29FB529A49"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "058EDB3A-31B8-482F-B825-B0A7E192356E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D00C8A81-53EB-425F-A730-AC7505285B73"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "62FC4D21-B225-4349-A8E8-68780CC465D1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C8FC67-825D-4E55-8341-E449EA98B6AD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "1E84B475-1FB7-4BF1-880B-8DB5137BB941"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFAA7370-1B78-4AF8-8358-830460A5E81C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "970B3705-6172-4C00-B402-30A7F23C5A08"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D5F6C3-3AC5-40F2-B755-130E24169AB3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "7D261FBC-1E4C-4016-AD0E-F234EE36F09A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08729226-19DB-410A-A764-B84E5213839D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "B5B465BD-D425-44C7-931C-E6DAABB79B67"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "C1B9A6C1-E7AD-46DE-A0EC-E6E03B957A13"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC372090-E9D1-4CB7-8CDC-8FA439764359"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "6BBDF6C6-A67A-412F-8ACF-27E3AA0EE8E9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "28C49CB8-179A-47B7-9B04-FC214382B643"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70C73C18-EC1D-431A-808F-1C16706B7F26"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "896E8488-0AB0-4C39-9729-1E42F4C28419"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "838474F2-85A2-4315-8F0C-B1AAC9B20373"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "E525612D-8273-42FD-8DAD-D589ED61C9D6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "130361E8-6979-492F-89A3-4EFFF8F5379F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557BB258-1B9D-457F-9573-85439950C361"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "DC98A393-C374-4411-94FE-9832CD8690ED"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C951AC92-DD7E-4C24-BC38-1D041D81691C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "2AA399AA-B0C4-48D5-B5F5-EE7A65D10A95"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C96D63-0711-48F8-ADE2-261FCF306049"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "C902FA6A-3E5D-471C-8513-27FE8BB5B2DC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F85BC978-9C30-4484-B6D7-B7A4543EFDA5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "FA5DA457-347E-4B6B-8003-882BD4D95D64"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "B07B2FDF-E6A5-4E06-9328-01F311E85AF9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "84F1472B-A584-4712-BEF7-7B4BDE166CE2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "D7DB4915-E989-4085-B201-C5CCC86AB924"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "B280EE0D-F3F9-46E3-949F-109844428C35"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "E86AC831-9FB9-4D17-AA06-E68C176F1A23"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "1A27B28F-A037-4730-A0DD-96BB568F4A58"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "D48EE1B0-3010-44F2-AEF9-A3E35BD03971"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "391AD485-A49D-43D0-AAE5-1F58B38D4E22"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
}
]
}

799
CVE-2024/CVE-2024-379xx/CVE-2024-37992.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-37992",
"sourceIdentifier": "productcert@siemens.com",
"published": "2024-09-10T10:15:10.837",
"lastModified": "2024-09-10T12:09:50.377",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-18T15:31:27.597",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -85,8 +105,18 @@
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -95,10 +125,771 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "D8930F2B-7C37-4059-85FC-0316B631C860"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63F05227-208B-42C8-8D56-A5D106CAD32F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1",
"matchCriteriaId": "CC216594-D56B-454D-BD2C-50631B8C8F9C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8AD128-F6E2-45BD-9098-EC559D193194"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1",
"matchCriteriaId": "11F4F714-F802-4D13-A965-0A22B80DA9D0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA20BB5-024E-4389-A0FE-C218E15D31A8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "F61801B9-80FD-45EC-9A20-5C703CB8BE76"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76F5073F-CAE9-4071-9C86-2B29FB529A49"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "058EDB3A-31B8-482F-B825-B0A7E192356E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D00C8A81-53EB-425F-A730-AC7505285B73"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "62FC4D21-B225-4349-A8E8-68780CC465D1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C8FC67-825D-4E55-8341-E449EA98B6AD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "1E84B475-1FB7-4BF1-880B-8DB5137BB941"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFAA7370-1B78-4AF8-8358-830460A5E81C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "970B3705-6172-4C00-B402-30A7F23C5A08"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D5F6C3-3AC5-40F2-B755-130E24169AB3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "7D261FBC-1E4C-4016-AD0E-F234EE36F09A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08729226-19DB-410A-A764-B84E5213839D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "B5B465BD-D425-44C7-931C-E6DAABB79B67"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "C1B9A6C1-E7AD-46DE-A0EC-E6E03B957A13"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC372090-E9D1-4CB7-8CDC-8FA439764359"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "6BBDF6C6-A67A-412F-8ACF-27E3AA0EE8E9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "28C49CB8-179A-47B7-9B04-FC214382B643"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70C73C18-EC1D-431A-808F-1C16706B7F26"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "896E8488-0AB0-4C39-9729-1E42F4C28419"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "838474F2-85A2-4315-8F0C-B1AAC9B20373"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "E525612D-8273-42FD-8DAD-D589ED61C9D6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "130361E8-6979-492F-89A3-4EFFF8F5379F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557BB258-1B9D-457F-9573-85439950C361"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "DC98A393-C374-4411-94FE-9832CD8690ED"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C951AC92-DD7E-4C24-BC38-1D041D81691C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "2AA399AA-B0C4-48D5-B5F5-EE7A65D10A95"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C96D63-0711-48F8-ADE2-261FCF306049"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "C902FA6A-3E5D-471C-8513-27FE8BB5B2DC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F85BC978-9C30-4484-B6D7-B7A4543EFDA5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "FA5DA457-347E-4B6B-8003-882BD4D95D64"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "B07B2FDF-E6A5-4E06-9328-01F311E85AF9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "84F1472B-A584-4712-BEF7-7B4BDE166CE2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "D7DB4915-E989-4085-B201-C5CCC86AB924"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "B280EE0D-F3F9-46E3-949F-109844428C35"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "E86AC831-9FB9-4D17-AA06-E68C176F1A23"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "1A27B28F-A037-4730-A0DD-96BB568F4A58"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "D48EE1B0-3010-44F2-AEF9-A3E35BD03971"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "391AD485-A49D-43D0-AAE5-1F58B38D4E22"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
}
]
}

799
CVE-2024/CVE-2024-379xx/CVE-2024-37993.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-37993",
"sourceIdentifier": "productcert@siemens.com",
"published": "2024-09-10T10:15:11.090",
"lastModified": "2024-09-10T12:09:50.377",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-18T15:32:26.037",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -85,8 +105,18 @@
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -95,10 +125,771 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "D8930F2B-7C37-4059-85FC-0316B631C860"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63F05227-208B-42C8-8D56-A5D106CAD32F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1",
"matchCriteriaId": "CC216594-D56B-454D-BD2C-50631B8C8F9C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8AD128-F6E2-45BD-9098-EC559D193194"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1",
"matchCriteriaId": "11F4F714-F802-4D13-A965-0A22B80DA9D0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA20BB5-024E-4389-A0FE-C218E15D31A8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "F61801B9-80FD-45EC-9A20-5C703CB8BE76"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76F5073F-CAE9-4071-9C86-2B29FB529A49"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "058EDB3A-31B8-482F-B825-B0A7E192356E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D00C8A81-53EB-425F-A730-AC7505285B73"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "62FC4D21-B225-4349-A8E8-68780CC465D1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C8FC67-825D-4E55-8341-E449EA98B6AD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "1E84B475-1FB7-4BF1-880B-8DB5137BB941"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFAA7370-1B78-4AF8-8358-830460A5E81C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "970B3705-6172-4C00-B402-30A7F23C5A08"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D5F6C3-3AC5-40F2-B755-130E24169AB3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "7D261FBC-1E4C-4016-AD0E-F234EE36F09A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08729226-19DB-410A-A764-B84E5213839D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "B5B465BD-D425-44C7-931C-E6DAABB79B67"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "C1B9A6C1-E7AD-46DE-A0EC-E6E03B957A13"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC372090-E9D1-4CB7-8CDC-8FA439764359"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "6BBDF6C6-A67A-412F-8ACF-27E3AA0EE8E9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "28C49CB8-179A-47B7-9B04-FC214382B643"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70C73C18-EC1D-431A-808F-1C16706B7F26"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "896E8488-0AB0-4C39-9729-1E42F4C28419"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "838474F2-85A2-4315-8F0C-B1AAC9B20373"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "E525612D-8273-42FD-8DAD-D589ED61C9D6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "130361E8-6979-492F-89A3-4EFFF8F5379F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557BB258-1B9D-457F-9573-85439950C361"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "DC98A393-C374-4411-94FE-9832CD8690ED"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C951AC92-DD7E-4C24-BC38-1D041D81691C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "2AA399AA-B0C4-48D5-B5F5-EE7A65D10A95"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C96D63-0711-48F8-ADE2-261FCF306049"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "C902FA6A-3E5D-471C-8513-27FE8BB5B2DC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F85BC978-9C30-4484-B6D7-B7A4543EFDA5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "FA5DA457-347E-4B6B-8003-882BD4D95D64"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "B07B2FDF-E6A5-4E06-9328-01F311E85AF9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "84F1472B-A584-4712-BEF7-7B4BDE166CE2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "D7DB4915-E989-4085-B201-C5CCC86AB924"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "B280EE0D-F3F9-46E3-949F-109844428C35"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "E86AC831-9FB9-4D17-AA06-E68C176F1A23"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "1A27B28F-A037-4730-A0DD-96BB568F4A58"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "D48EE1B0-3010-44F2-AEF9-A3E35BD03971"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "391AD485-A49D-43D0-AAE5-1F58B38D4E22"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
}
]
}

799
CVE-2024/CVE-2024-379xx/CVE-2024-37994.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-37994",
"sourceIdentifier": "productcert@siemens.com",
"published": "2024-09-10T10:15:11.340",
"lastModified": "2024-09-10T12:09:50.377",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-18T15:35:17.403",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -85,8 +105,18 @@
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -95,10 +125,771 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "D8930F2B-7C37-4059-85FC-0316B631C860"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63F05227-208B-42C8-8D56-A5D106CAD32F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1",
"matchCriteriaId": "CC216594-D56B-454D-BD2C-50631B8C8F9C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8AD128-F6E2-45BD-9098-EC559D193194"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1",
"matchCriteriaId": "11F4F714-F802-4D13-A965-0A22B80DA9D0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA20BB5-024E-4389-A0FE-C218E15D31A8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "F61801B9-80FD-45EC-9A20-5C703CB8BE76"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76F5073F-CAE9-4071-9C86-2B29FB529A49"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "058EDB3A-31B8-482F-B825-B0A7E192356E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D00C8A81-53EB-425F-A730-AC7505285B73"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "62FC4D21-B225-4349-A8E8-68780CC465D1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C8FC67-825D-4E55-8341-E449EA98B6AD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "1E84B475-1FB7-4BF1-880B-8DB5137BB941"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFAA7370-1B78-4AF8-8358-830460A5E81C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "970B3705-6172-4C00-B402-30A7F23C5A08"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D5F6C3-3AC5-40F2-B755-130E24169AB3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "7D261FBC-1E4C-4016-AD0E-F234EE36F09A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08729226-19DB-410A-A764-B84E5213839D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "B5B465BD-D425-44C7-931C-E6DAABB79B67"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "C1B9A6C1-E7AD-46DE-A0EC-E6E03B957A13"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC372090-E9D1-4CB7-8CDC-8FA439764359"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "6BBDF6C6-A67A-412F-8ACF-27E3AA0EE8E9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "28C49CB8-179A-47B7-9B04-FC214382B643"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70C73C18-EC1D-431A-808F-1C16706B7F26"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "896E8488-0AB0-4C39-9729-1E42F4C28419"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "838474F2-85A2-4315-8F0C-B1AAC9B20373"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "E525612D-8273-42FD-8DAD-D589ED61C9D6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "130361E8-6979-492F-89A3-4EFFF8F5379F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557BB258-1B9D-457F-9573-85439950C361"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "DC98A393-C374-4411-94FE-9832CD8690ED"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C951AC92-DD7E-4C24-BC38-1D041D81691C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "2AA399AA-B0C4-48D5-B5F5-EE7A65D10A95"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C96D63-0711-48F8-ADE2-261FCF306049"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "C902FA6A-3E5D-471C-8513-27FE8BB5B2DC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F85BC978-9C30-4484-B6D7-B7A4543EFDA5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "FA5DA457-347E-4B6B-8003-882BD4D95D64"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "B07B2FDF-E6A5-4E06-9328-01F311E85AF9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "84F1472B-A584-4712-BEF7-7B4BDE166CE2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "D7DB4915-E989-4085-B201-C5CCC86AB924"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "B280EE0D-F3F9-46E3-949F-109844428C35"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "E86AC831-9FB9-4D17-AA06-E68C176F1A23"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "1A27B28F-A037-4730-A0DD-96BB568F4A58"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "D48EE1B0-3010-44F2-AEF9-A3E35BD03971"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "391AD485-A49D-43D0-AAE5-1F58B38D4E22"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
}
]
}

799
CVE-2024/CVE-2024-379xx/CVE-2024-37995.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-37995",
"sourceIdentifier": "productcert@siemens.com",
"published": "2024-09-10T10:15:11.570",
"lastModified": "2024-09-10T12:09:50.377",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-18T15:37:15.130",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -85,8 +105,18 @@
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -95,10 +125,771 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "D8930F2B-7C37-4059-85FC-0316B631C860"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63F05227-208B-42C8-8D56-A5D106CAD32F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1",
"matchCriteriaId": "CC216594-D56B-454D-BD2C-50631B8C8F9C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8AD128-F6E2-45BD-9098-EC559D193194"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1",
"matchCriteriaId": "11F4F714-F802-4D13-A965-0A22B80DA9D0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA20BB5-024E-4389-A0FE-C218E15D31A8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "F61801B9-80FD-45EC-9A20-5C703CB8BE76"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76F5073F-CAE9-4071-9C86-2B29FB529A49"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "058EDB3A-31B8-482F-B825-B0A7E192356E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D00C8A81-53EB-425F-A730-AC7505285B73"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "62FC4D21-B225-4349-A8E8-68780CC465D1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C8FC67-825D-4E55-8341-E449EA98B6AD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "1E84B475-1FB7-4BF1-880B-8DB5137BB941"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFAA7370-1B78-4AF8-8358-830460A5E81C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "970B3705-6172-4C00-B402-30A7F23C5A08"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D5F6C3-3AC5-40F2-B755-130E24169AB3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "7D261FBC-1E4C-4016-AD0E-F234EE36F09A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08729226-19DB-410A-A764-B84E5213839D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "B5B465BD-D425-44C7-931C-E6DAABB79B67"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "C1B9A6C1-E7AD-46DE-A0EC-E6E03B957A13"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC372090-E9D1-4CB7-8CDC-8FA439764359"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "6BBDF6C6-A67A-412F-8ACF-27E3AA0EE8E9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "28C49CB8-179A-47B7-9B04-FC214382B643"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70C73C18-EC1D-431A-808F-1C16706B7F26"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "896E8488-0AB0-4C39-9729-1E42F4C28419"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "838474F2-85A2-4315-8F0C-B1AAC9B20373"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "E525612D-8273-42FD-8DAD-D589ED61C9D6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "130361E8-6979-492F-89A3-4EFFF8F5379F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557BB258-1B9D-457F-9573-85439950C361"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "DC98A393-C374-4411-94FE-9832CD8690ED"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C951AC92-DD7E-4C24-BC38-1D041D81691C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "2AA399AA-B0C4-48D5-B5F5-EE7A65D10A95"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C96D63-0711-48F8-ADE2-261FCF306049"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "C902FA6A-3E5D-471C-8513-27FE8BB5B2DC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F85BC978-9C30-4484-B6D7-B7A4543EFDA5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "FA5DA457-347E-4B6B-8003-882BD4D95D64"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "B07B2FDF-E6A5-4E06-9328-01F311E85AF9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "84F1472B-A584-4712-BEF7-7B4BDE166CE2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "D7DB4915-E989-4085-B201-C5CCC86AB924"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "B280EE0D-F3F9-46E3-949F-109844428C35"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "E86AC831-9FB9-4D17-AA06-E68C176F1A23"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "1A27B28F-A037-4730-A0DD-96BB568F4A58"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "D48EE1B0-3010-44F2-AEF9-A3E35BD03971"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "391AD485-A49D-43D0-AAE5-1F58B38D4E22"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
}
]
}

49
CVE-2024/CVE-2024-380xx/CVE-2024-38018.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38018",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-09-10T17:15:20.660",
"lastModified": "2024-09-10T17:43:14.410",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-18T15:04:58.240",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -41,8 +41,18 @@
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,10 +61,41 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sharepoint_server:-:*:*:*:subscription:*:*:*",
"matchCriteriaId": "AC8BB33F-44C4-41FE-8B17-68E3C4B38142"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "F815EF1D-7B60-47BE-9AC2-2548F99F10E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "6122D014-5BF1-4AF4-8B4D-80205ED7785E"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38018",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

154
CVE-2024/CVE-2024-380xx/CVE-2024-38045.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38045",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-09-10T17:15:21.433",
"lastModified": "2024-09-10T17:43:14.410",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-18T15:04:07.700",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -41,8 +41,18 @@
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,10 +61,146 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.17763.6293",
"matchCriteriaId": "89B89FB6-5A2C-4444-9D51-B5E46A506CA6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.6293",
"matchCriteriaId": "ADD534CE-0B4C-43DB-A27C-AC67246D0A87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.6293",
"matchCriteriaId": "23DBE62F-98CC-4F76-A841-BB20C5E8075F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19044.4894",
"matchCriteriaId": "61EE602F-4D50-4203-9E6B-0BD8A03C450C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19044.4894",
"matchCriteriaId": "E38D5738-DC17-4C50-B8BD-A847CDD772BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19044.4894",
"matchCriteriaId": "5F1636FD-E55D-452D-B7B4-73763174461F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19045.4894",
"matchCriteriaId": "6FBDC450-FB5A-469C-8D38-9586CE5A6F48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.4894",
"matchCriteriaId": "6A08D353-356F-4BB0-A43F-15EBD6E2FB83"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19045.4894",
"matchCriteriaId": "13DBA791-6F77-4DA1-8BF4-BA7C299C6188"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22000.3197",
"matchCriteriaId": "27B86605-6710-4BC8-99A4-73462A011192"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.3197",
"matchCriteriaId": "24ABE040-A076-4A03-9847-B4D0C2CA5E97"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.4169",
"matchCriteriaId": "1943A041-87C3-404D-B09C-8E25E46A6E90"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22621.4169",
"matchCriteriaId": "4AC8FE5E-7E85-4520-BD68-3A9776948A5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22631.4169",
"matchCriteriaId": "DFD03C4F-D6EA-41B7-A7E1-EE0C11407EA2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22631.4169",
"matchCriteriaId": "5EFBBCCD-A83C-4D06-BBF0-1A4E5C9F0283"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.26100.1742",
"matchCriteriaId": "6231A772-376C-4ED3-919B-EAD9D1439021"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.26100.1742",
"matchCriteriaId": "82EA7851-0235-4ACA-8BDB-89243CF2BDA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.6293",
"matchCriteriaId": "BD2C9E88-C858-4B3D-A8C5-251DD6B69FD6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.2700",
"matchCriteriaId": "4399F533-0094-43CF-872E-FC8E4A21A904"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.25398.1128",
"matchCriteriaId": "FCB2DB55-B6D1-4D28-802F-D300BE10E9A0"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38045",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

182
CVE-2024/CVE-2024-380xx/CVE-2024-38046.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38046",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-09-10T17:15:21.640",
"lastModified": "2024-09-10T17:43:14.410",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-18T15:02:15.300",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -40,6 +40,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
@ -51,10 +61,176 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20766",
"matchCriteriaId": "85DD5735-7C22-4A98-B404-08FEF44A640F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20766",
"matchCriteriaId": "83550045-529B-4968-A543-C9D298C0F31D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.7336",
"matchCriteriaId": "90027BBC-56AF-4F14-A118-53BBA694A0CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.7336",
"matchCriteriaId": "DFB6CBF4-DA4A-4743-B8A1-3E41FCBEEBEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.17763.6293",
"matchCriteriaId": "89B89FB6-5A2C-4444-9D51-B5E46A506CA6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.6293",
"matchCriteriaId": "ADD534CE-0B4C-43DB-A27C-AC67246D0A87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.6293",
"matchCriteriaId": "23DBE62F-98CC-4F76-A841-BB20C5E8075F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19044.4894",
"matchCriteriaId": "EC7AA96F-CE3B-4E76-8BE8-A33E0E09F724"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19044.4894",
"matchCriteriaId": "273D661D-7A6D-476F-9143-EBDEDD938665"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19044.4894",
"matchCriteriaId": "A769F920-AB17-4C52-A416-744D91A2DE93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19045.4894",
"matchCriteriaId": "6FBDC450-FB5A-469C-8D38-9586CE5A6F48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.4894",
"matchCriteriaId": "6A08D353-356F-4BB0-A43F-15EBD6E2FB83"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19045.4894",
"matchCriteriaId": "13DBA791-6F77-4DA1-8BF4-BA7C299C6188"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22000.3197",
"matchCriteriaId": "27B86605-6710-4BC8-99A4-73462A011192"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.3197",
"matchCriteriaId": "24ABE040-A076-4A03-9847-B4D0C2CA5E97"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.4169",
"matchCriteriaId": "1943A041-87C3-404D-B09C-8E25E46A6E90"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22621.4169",
"matchCriteriaId": "4AC8FE5E-7E85-4520-BD68-3A9776948A5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22631.4169",
"matchCriteriaId": "DFD03C4F-D6EA-41B7-A7E1-EE0C11407EA2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22631.4169",
"matchCriteriaId": "5EFBBCCD-A83C-4D06-BBF0-1A4E5C9F0283"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.26100.1742",
"matchCriteriaId": "6231A772-376C-4ED3-919B-EAD9D1439021"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.26100.1742",
"matchCriteriaId": "82EA7851-0235-4ACA-8BDB-89243CF2BDA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.7336",
"matchCriteriaId": "A6291C92-7D32-4CC2-B601-FAF5B70F3BFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.6293",
"matchCriteriaId": "BD2C9E88-C858-4B3D-A8C5-251DD6B69FD6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.2700",
"matchCriteriaId": "4399F533-0094-43CF-872E-FC8E4A21A904"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.25398.1128",
"matchCriteriaId": "FCB2DB55-B6D1-4D28-802F-D300BE10E9A0"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38046",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-383xx/CVE-2024-38366.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38366",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-01T21:15:03.797",
"lastModified": "2024-07-02T17:15:05.180",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-18T15:22:55.753",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -51,18 +81,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cocoapods:trunk.cocoapods.org:*:*:*:*:ruby:*:*:*",
"versionEndExcluding": "2023-09-22",
"matchCriteriaId": "08A4E3D6-3E6A-4AC3-B671-3CF25F7474CE"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.cocoapods.org/CocoaPods-Trunk-RCEs-2023",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://evasec.webflow.io/blog/eva-discovered-supply-chain-vulnerabities-in-cocoapods#2-remote-code-execution-on-the-cocoapods-trunk-server",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/CocoaPods/CocoaPods/security/advisories/GHSA-x2x4-g675-qg7c",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}

73
CVE-2024/CVE-2024-383xx/CVE-2024-38367.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38367",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-01T21:15:04.020",
"lastModified": "2024-07-02T17:15:05.410",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-18T15:16:27.733",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -51,22 +81,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cocoapods:trunk.cocoapods.org:*:*:*:*:ruby:*:*:*",
"versionEndExcluding": "2023-10-27",
"matchCriteriaId": "F37BEFBA-49F6-4E0B-9090-AD4A09DDFDC1"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.cocoapods.org/CocoaPods-Trunk-RCEs-2023",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://evasec.io/blog/eva-discovered-supply-chain-vulnerabities-in-cocoapods#vulnerability-3-achieving-zero-click-account-takeover-by-defeating-email-security-boundaries",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/CocoaPods/CocoaPods/security/advisories/GHSA-52gf-m7v9-m333",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/CocoaPods/trunk.cocoapods.org/commit/d4fa66f49cedab449af9a56a21ab40697b9f7b97",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
}
]
}

77
CVE-2024/CVE-2024-383xx/CVE-2024-38368.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38368",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-01T21:15:04.250",
"lastModified": "2024-07-02T17:15:05.590",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-18T15:23:00.507",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 9.3,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -51,26 +81,59 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cocoapods:trunk.cocoapods.org:*:*:*:*:ruby:*:*:*",
"versionEndExcluding": "2023-09-22",
"matchCriteriaId": "08A4E3D6-3E6A-4AC3-B671-3CF25F7474CE"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.cocoapods.org/Claim-Your-Pods",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
},
{
"url": "https://blog.cocoapods.org/CocoaPods-Trunk-RCEs-2023",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://evasec.webflow.io/blog/eva-discovered-supply-chain-vulnerabities-in-cocoapods#1-taking-unauthorized-ownership-over-orphaned-pods",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/CocoaPods/CocoaPods/security/advisories/GHSA-j483-qm5c-7hqx",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/CocoaPods/trunk.cocoapods.org/commit/71be5440906b6bdfbc0bcc7f8a9fec33367ea0f4",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
}
]
}

25
CVE-2024/CVE-2024-390xx/CVE-2024-39081.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-39081",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T14:15:19.757",
"lastModified": "2024-09-18T14:15:19.757",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in SMART TYRE CAR & BIKE v4.2.0 allows attackers to perform a man-in-the-middle attack via Bluetooth communications."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Amirasaiyad/BLE-TPMS/blob/main/README.md",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/Amirasaiyad/BLE-TPMS/blob/main/Treel_BLE_TPMS_Penetration_Testing_Report.pdf",
"source": "cve@mitre.org"
}
]
}

56
CVE-2024/CVE-2024-395xx/CVE-2024-39589.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-39589",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-09-18T15:15:15.333",
"lastModified": "2024-09-18T15:15:15.333",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC_v3 16bf8bac1a36d95b73e7b8722d0edb8b9c5bb56a. A specially crafted EtherNet/IP request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to trigger these vulnerabilities.This instance of the vulnerability occurs within the `Protected_Logical_Read_Reply` function"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-704"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2016",
"source": "talos-cna@cisco.com"
}
]
}

56
CVE-2024/CVE-2024-395xx/CVE-2024-39590.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-39590",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-09-18T15:15:15.540",
"lastModified": "2024-09-18T15:15:15.540",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC_v3 16bf8bac1a36d95b73e7b8722d0edb8b9c5bb56a. A specially crafted EtherNet/IP request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to trigger these vulnerabilities.This instance of the vulnerability occurs within the `Protected_Logical_Write_Reply` function"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-704"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2016",
"source": "talos-cna@cisco.com"
}
]
}

18
CVE-2024/CVE-2024-425xx/CVE-2024-42501.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-42501",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2024-09-17T18:15:04.337",
"lastModified": "2024-09-17T18:15:04.337",
"lastModified": "2024-09-18T15:35:05.747",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An authenticated Path Traversal vulnerabilities exists in the ArubaOS. Successful exploitation of this vulnerability allows an attacker to install unsigned packages on the underlying operating system, enabling the threat actor to execute arbitrary code or install implants."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de Path Traversal autenticado en ArubaOS. La explotaci\u00f3n exitosa de esta vulnerabilidad permite a un atacante instalar paquetes no firmados en el sistema operativo subyacente, lo que le permite al actor de la amenaza ejecutar c\u00f3digo arbitrario o instalar implantes."
}
],
"metrics": {
@ -35,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04709en_us&docLocale=en_US",

18
CVE-2024/CVE-2024-425xx/CVE-2024-42502.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-42502",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2024-09-17T18:15:04.527",
"lastModified": "2024-09-17T18:15:04.527",
"lastModified": "2024-09-18T15:35:06.550",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Authenticated command injection vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability result in the ability to inject shell commands on the underlying operating system."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos autenticados en la interfaz de l\u00ednea de comandos de ArubaOS. La explotaci\u00f3n exitosa de esta vulnerabilidad da como resultado la capacidad de inyectar comandos de shell en el sistema operativo subyacente."
}
],
"metrics": {
@ -35,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04709en_us&docLocale=en_US",

18
CVE-2024/CVE-2024-425xx/CVE-2024-42503.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-42503",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2024-09-17T18:15:04.710",
"lastModified": "2024-09-17T18:15:04.710",
"lastModified": "2024-09-18T15:35:10.277",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Authenticated command execution vulnerability exist in the ArubaOS command line interface (CLI). Successful exploitation of this vulnerabilities result in the ability to run arbitrary commands as a priviledge user on the underlying operating system."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de ejecuci\u00f3n de comandos autenticados en la interfaz de l\u00ednea de comandos (CLI) de ArubaOS. La explotaci\u00f3n exitosa de esta vulnerabilidad da como resultado la capacidad de ejecutar comandos arbitrarios como un usuario privilegiado en el sistema operativo subyacente."
}
],
"metrics": {
@ -35,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04709en_us&docLocale=en_US",

40
CVE-2024/CVE-2024-434xx/CVE-2024-43482.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-43482",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-09-10T17:15:36.037",
"lastModified": "2024-09-10T17:43:14.410",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-18T14:11:50.303",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -41,8 +41,18 @@
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,10 +61,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:outlook:*:*:*:*:*:iphone_os:*:*",
"versionEndExcluding": "4.2435.0",
"matchCriteriaId": "0A5FD9CE-72EA-4026-BFB3-0C24B7408025"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43482",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

110
CVE-2024/CVE-2024-434xx/CVE-2024-43487.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-43487",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-09-10T17:15:36.230",
"lastModified": "2024-09-10T17:43:14.410",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-18T14:10:20.320",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -41,8 +41,18 @@
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,10 +61,102 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20766",
"matchCriteriaId": "85DD5735-7C22-4A98-B404-08FEF44A640F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20766",
"matchCriteriaId": "83550045-529B-4968-A543-C9D298C0F31D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.7336",
"matchCriteriaId": "90027BBC-56AF-4F14-A118-53BBA694A0CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.7336",
"matchCriteriaId": "DFB6CBF4-DA4A-4743-B8A1-3E41FCBEEBEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.6293",
"matchCriteriaId": "3A9450F3-BE07-4F9B-9C2B-29208AB91A9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19044.4894",
"matchCriteriaId": "30C7FEB1-00AE-42A6-BBAA-A30081BD4A83"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19045.4894",
"matchCriteriaId": "6FBDC450-FB5A-469C-8D38-9586CE5A6F48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.4894",
"matchCriteriaId": "6A08D353-356F-4BB0-A43F-15EBD6E2FB83"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19045.4894",
"matchCriteriaId": "13DBA791-6F77-4DA1-8BF4-BA7C299C6188"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "F73D1308-DB13-4B6C-A66F-5542FDCA749C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:x64:*",
"matchCriteriaId": "8968BAC8-A1DB-4F88-89F8-4BE47919C247"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.7336",
"matchCriteriaId": "A6291C92-7D32-4CC2-B601-FAF5B70F3BFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.6293",
"matchCriteriaId": "BD2C9E88-C858-4B3D-A8C5-251DD6B69FD6"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43487",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

39
CVE-2024/CVE-2024-437xx/CVE-2024-43778.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-43778",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-09-18T07:15:03.007",
"lastModified": "2024-09-18T07:15:03.007",
"lastModified": "2024-09-18T15:35:11.213",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "OS command injection vulnerability in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU90142679/",

21
CVE-2024/CVE-2024-445xx/CVE-2024-44542.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-44542",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T15:15:16.137",
"lastModified": "2024-09-18T15:15:16.137",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL Injection vulnerability in todesk v.1.1 allows a remote attacker to execute arbitrary code via the /todesk.com/news.html parameter."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/alphandbelt/CVE-2024-44542/tree/main",
"source": "cve@mitre.org"
}
]
}

56
CVE-2024/CVE-2024-458xx/CVE-2024-45858.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45858",
"sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"published": "2024-09-18T15:15:16.333",
"lastModified": "2024-09-18T15:15:16.333",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary code execution vulnerability exists in versions 0.2.9 up to 0.5.10 of the Guardrails AI Guardrails framework because of the way it validates XML files. If a victim user loads a maliciously crafted XML file containing Python code, the code will be passed to an eval function, causing it to execute on the user's machine."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-95"
}
]
}
],
"references": [
{
"url": "https://hiddenlayer.com/sai-security-advisory/2024-09-guardrails/",
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c"
}
]
}

21
CVE-2024/CVE-2024-465xx/CVE-2024-46550.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-46550",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T15:15:16.533",
"lastModified": "2024-09-18T15:15:16.533",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the CGIbyFieldName parameter at chglog.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input."
}
],
"metrics": {},
"references": [
{
"url": "https://ink-desk-28f.notion.site/Draytek-vigor-3910-Analysis-Report-b3b23e150c4f4bab822c3c47fd7b9de9#bffdd8897d944a77834b865d9326a1d7",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-465xx/CVE-2024-46551.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-46551",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T15:15:16.590",
"lastModified": "2024-09-18T15:15:16.590",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sBPA_Pwd parameter at inet15.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input."
}
],
"metrics": {},
"references": [
{
"url": "https://ink-desk-28f.notion.site/Draytek-vigor-3910-Analysis-Report-b3b23e150c4f4bab822c3c47fd7b9de9#aabdeced2a5e407ba3b3c0d318af0a29",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-465xx/CVE-2024-46552.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-46552",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T15:15:16.650",
"lastModified": "2024-09-18T15:15:16.650",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sStRtMskShow parameter at ipstrt.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input."
}
],
"metrics": {},
"references": [
{
"url": "https://ink-desk-28f.notion.site/Draytek-vigor-3910-Analysis-Report-b3b23e150c4f4bab822c3c47fd7b9de9#53ad238cc1af41f7a32b29260f7274ec",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-465xx/CVE-2024-46553.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-46553",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T15:15:16.720",
"lastModified": "2024-09-18T15:15:16.720",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the ipaddrmsk%d parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input."
}
],
"metrics": {},
"references": [
{
"url": "https://ink-desk-28f.notion.site/Draytek-vigor-3910-Analysis-Report-b3b23e150c4f4bab822c3c47fd7b9de9#1e21ab70186245aa8fb17578863216e2",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-465xx/CVE-2024-46554.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-46554",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T15:15:16.783",
"lastModified": "2024-09-18T15:15:16.783",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the profname parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input."
}
],
"metrics": {},
"references": [
{
"url": "https://ink-desk-28f.notion.site/Draytek-vigor-3910-Analysis-Report-b3b23e150c4f4bab822c3c47fd7b9de9#ee86534f23b84f2cbfa9401ee1d9d179",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-465xx/CVE-2024-46555.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-46555",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T15:15:16.837",
"lastModified": "2024-09-18T15:15:16.837",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the pb parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input."
}
],
"metrics": {},
"references": [
{
"url": "https://ink-desk-28f.notion.site/Draytek-vigor-3910-Analysis-Report-b3b23e150c4f4bab822c3c47fd7b9de9#e15d03bdd4b9441e8eb157fbd09969f4",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-465xx/CVE-2024-46556.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-46556",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T15:15:16.910",
"lastModified": "2024-09-18T15:15:16.910",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sInRCSecret0 parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input."
}
],
"metrics": {},
"references": [
{
"url": "https://ink-desk-28f.notion.site/Draytek-vigor-3910-Analysis-Report-b3b23e150c4f4bab822c3c47fd7b9de9#a26d36d8c8d042299348d8ec7a0260ca",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-465xx/CVE-2024-46557.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-46557",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T15:15:16.983",
"lastModified": "2024-09-18T15:15:16.983",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfileName parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input."
}
],
"metrics": {},
"references": [
{
"url": "https://ink-desk-28f.notion.site/Draytek-vigor-3910-Analysis-Report-b3b23e150c4f4bab822c3c47fd7b9de9#8817e09b31b04ebebdaa5d6df1415df0",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-465xx/CVE-2024-46558.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-46558",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T15:15:17.033",
"lastModified": "2024-09-18T15:15:17.033",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the newProname parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input."
}
],
"metrics": {},
"references": [
{
"url": "https://ink-desk-28f.notion.site/Draytek-vigor-3910-Analysis-Report-b3b23e150c4f4bab822c3c47fd7b9de9#43e2ae152385466180ebec957696ceaa",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-465xx/CVE-2024-46559.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-46559",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T15:15:17.097",
"lastModified": "2024-09-18T15:15:17.097",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sBPA_UsrNme parameter at inet15.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input."
}
],
"metrics": {},
"references": [
{
"url": "https://ink-desk-28f.notion.site/Draytek-vigor-3910-Analysis-Report-b3b23e150c4f4bab822c3c47fd7b9de9#acee48e159494c479aecc1bfa87f0d83",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-465xx/CVE-2024-46560.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-46560",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T15:15:17.160",
"lastModified": "2024-09-18T15:15:17.160",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the pub_key parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input."
}
],
"metrics": {},
"references": [
{
"url": "https://ink-desk-28f.notion.site/Draytek-vigor-3910-Analysis-Report-b3b23e150c4f4bab822c3c47fd7b9de9#2a9a497ab8214aeb991df9b9714b3c25",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-465xx/CVE-2024-46561.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-46561",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T15:15:17.210",
"lastModified": "2024-09-18T15:15:17.210",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the queryret parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input."
}
],
"metrics": {},
"references": [
{
"url": "https://ink-desk-28f.notion.site/Draytek-vigor-3910-Analysis-Report-b3b23e150c4f4bab822c3c47fd7b9de9#48ac749c7e444d8398b414f9d1d48c40",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-465xx/CVE-2024-46564.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-46564",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T15:15:17.263",
"lastModified": "2024-09-18T15:15:17.263",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfileName parameter at fextobj.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input."
}
],
"metrics": {},
"references": [
{
"url": "https://ink-desk-28f.notion.site/Draytek-vigor-3910-Analysis-Report-b3b23e150c4f4bab822c3c47fd7b9de9#4ebd20d478124581b01338b89622363a",
"source": "cve@mitre.org"
}
]
}

Some files were not shown because too many files have changed in this diff Show More