admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-30 10:10:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-12-20T00:55:25.021427+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-12-20 00:55:28 +00:00
parent 7384c37e6d
commit cb9293960c
18 changed files with 816 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
CVE-2023/CVE-2023-420xx/CVE-2023-42012.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-42012",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-12-20T00:15:08.190",
"lastModified": "2023-12-20T00:15:08.190",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An IBM UrbanCode Deploy Agent 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 installed as a Windows service in a non-standard location could be subject to a denial of service attack by local accounts. IBM X-Force ID: 265509."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/265509",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/7096548",
"source": "psirt@us.ibm.com"
}
]
}

59
CVE-2023/CVE-2023-420xx/CVE-2023-42013.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-42013",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-12-20T00:15:08.383",
"lastModified": "2023-12-20T00:15:08.383",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 265510."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-209"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/265510",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/7096547",
"source": "psirt@us.ibm.com"
}
]
}

6
CVE-2023/CVE-2023-429xx/CVE-2023-42940.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-42940",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-12-19T22:15:07.630",
"lastModified": "2023-12-19T22:15:07.630",
"lastModified": "2023-12-19T23:15:07.657",
"vulnStatus": "Received",
"descriptions": [
{
@ -12,6 +12,10 @@
],
"metrics": {},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Dec/20",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT214048",
"source": "product-security@apple.com"

59
CVE-2023/CVE-2023-451xx/CVE-2023-45172.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-45172",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-12-19T23:15:07.707",
"lastModified": "2023-12-19T23:15:07.707",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in AIX windows to cause a denial of service. IBM X-Force ID: 267970."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/267970",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/7099314",
"source": "psirt@us.ibm.com"
}
]
}

24
CVE-2023/CVE-2023-458xx/CVE-2023-45887.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-45887",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-20T00:15:08.613",
"lastModified": "2023-12-20T00:15:08.613",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "DS Wireless Communication (DWC) with DWC_VERSION_3 and DWC_VERSION_11 allows remote attackers to execute arbitrary code on a game-playing client's machine via a modified GPCM message."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/MikeIsAStar/DS-Wireless-Communication-Remote-Code-Execution",
"source": "cve@mitre.org"
},
{
"url": "https://pastebin.com/ukRzztv0",
"source": "cve@mitre.org"
}
]
}

59
CVE-2023/CVE-2023-471xx/CVE-2023-47161.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-47161",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-12-20T00:15:08.670",
"lastModified": "2023-12-20T00:15:08.670",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 may mishandle input validation of an uploaded archive file leading to a denial of service due to resource exhaustion. IBM X-Force ID: 270799."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/270799",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/7096552",
"source": "psirt@us.ibm.com"
}
]
}

28
CVE-2023/CVE-2023-491xx/CVE-2023-49147.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-49147",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-19T23:15:07.903",
"lastModified": "2023-12-19T23:15:07.903",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in PDF24 Creator 11.14.0. The configuration of the msi installer file was found to produce a visible cmd.exe window when using the repair function of msiexec.exe. This allows an unprivileged local attacker to use a chain of actions (e.g., an oplock on faxPrnInst.log) to open a SYSTEM cmd.exe."
}
],
"metrics": {},
"references": [
{
"url": "http://packetstormsecurity.com/files/176206/PDF24-Creator-11.15.1-Local-Privilege-Escalation.html",
"source": "cve@mitre.org"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Dec/18",
"source": "cve@mitre.org"
},
{
"url": "https://sec-consult.com/vulnerability-lab/advisory/local-privilege-escalation-via-msi-installer-in-pdf24-creator-geek-software-gmbh/",
"source": "cve@mitre.org"
}
]
}

55
CVE-2023/CVE-2023-507xx/CVE-2023-50703.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-50703",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-12-20T00:15:08.877",
"lastModified": "2023-12-20T00:15:08.877",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nAn attacker with network access could perform a man-in-the-middle (MitM) attack and capture sensitive information to gain unauthorized access to the application.\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-319"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-353-03",
"source": "ics-cert@hq.dhs.gov"
}
]
}

55
CVE-2023/CVE-2023-507xx/CVE-2023-50704.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-50704",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-12-20T00:15:09.070",
"lastModified": "2023-12-20T00:15:09.070",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\n\n\n\n\nAn attacker could construct a URL within the application that causes a redirection to an arbitrary external domain and could be leveraged to facilitate phishing attacks against application users.\n\n\n\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-353-03",
"source": "ics-cert@hq.dhs.gov"
}
]
}

55
CVE-2023/CVE-2023-507xx/CVE-2023-50705.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-50705",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-12-20T00:15:09.257",
"lastModified": "2023-12-20T00:15:09.257",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\n\n\n\n\n\n\n\n\nAn attacker could create malicious requests to obtain sensitive information about the web server.\n\n\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-353-03",
"source": "ics-cert@hq.dhs.gov"
}
]
}

55
CVE-2023/CVE-2023-507xx/CVE-2023-50706.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-50706",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-12-20T00:15:09.437",
"lastModified": "2023-12-20T00:15:09.437",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\n\n\n\n\n\n\n\n\n\n\n\n\nA user without administrator permissions with access to the UC500 windows system could perform a memory dump of the running processes and extract clear credentials or valid session tokens.\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.7,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-353-03",
"source": "ics-cert@hq.dhs.gov"
}
]
}

55
CVE-2023/CVE-2023-507xx/CVE-2023-50707.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-50707",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-12-20T00:15:09.643",
"lastModified": "2023-12-20T00:15:09.643",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nThrough the exploitation of active user sessions, an attacker could send custom requests to cause a denial-of-service condition on the device.\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-353-02",
"source": "ics-cert@hq.dhs.gov"
}
]
}

8
CVE-2023/CVE-2023-509xx/CVE-2023-50917.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50917",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-15T17:15:12.840",
"lastModified": "2023-12-19T19:20:43.873",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-19T23:15:07.950",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -69,6 +69,10 @@
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Dec/19",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/sergejey/majordomo/commit/0662e5ebfb133445ff6154b69c61019357092178",
"source": "cve@mitre.org",

55
CVE-2023/CVE-2023-66xx/CVE-2023-6689.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-6689",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-12-20T00:15:09.850",
"lastModified": "2023-12-20T00:15:09.850",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\n\n\n\n\nA successful CSRF attack could force the user to perform state changing requests on the application. If the victim is an administrative account, a CSRF attack could compromise the entire web application.\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-353-02",
"source": "ics-cert@hq.dhs.gov"
}
]
}

55
CVE-2023/CVE-2023-69xx/CVE-2023-6928.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-6928",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-12-19T23:15:08.020",
"lastModified": "2023-12-19T23:15:08.020",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nEuroTel ETL3100 versions v01c01 and v01x37 does not limit the number of attempts to guess administrative credentials in remote password attacks to gain full control of the system.\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-307"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-353-05",
"source": "ics-cert@hq.dhs.gov"
}
]
}

55
CVE-2023/CVE-2023-69xx/CVE-2023-6929.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-6929",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-12-19T23:15:08.220",
"lastModified": "2023-12-19T23:15:08.220",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\n\n\n\n\nEuroTel ETL3100 versions v01c01 and v01x37 are vulnerable to insecure direct object references that occur when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability, attackers can bypass authorization, access the hidden resources on the system, and execute privileged functionalities.\n\n\n\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-353-05",
"source": "ics-cert@hq.dhs.gov"
}
]
}

55
CVE-2023/CVE-2023-69xx/CVE-2023-6930.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-6930",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-12-19T23:15:08.410",
"lastModified": "2023-12-19T23:15:08.410",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\n\n\n\n\n\n\n\n\nEuroTel ETL3100 versions v01c01 and v01x37 suffer from an unauthenticated configuration and log download vulnerability. This enables the attacker to disclose sensitive information and assist in authentication bypass, privilege escalation, and full system access.\n\n\n\n\n\n\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 9.4,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-353-05",
"source": "ics-cert@hq.dhs.gov"
}
]
}

54
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-12-19T23:00:24.337297+00:00
2023-12-20T00:55:25.021427+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-12-19T22:56:44.743000+00:00
2023-12-20T00:15:09.850000+00:00
```
### Last Data Feed Release
@ -29,46 +29,36 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
233779
233794
```
### CVEs added in the last Commit
Recently added CVEs: `19`
Recently added CVEs: `15`
* [CVE-2022-43450](CVE-2022/CVE-2022-434xx/CVE-2022-43450.json) (`2023-12-19T22:15:07.267`)
* [CVE-2023-35883](CVE-2023/CVE-2023-358xx/CVE-2023-35883.json) (`2023-12-19T21:15:07.687`)
* [CVE-2023-37982](CVE-2023/CVE-2023-379xx/CVE-2023-37982.json) (`2023-12-19T21:15:07.897`)
* [CVE-2023-48327](CVE-2023/CVE-2023-483xx/CVE-2023-48327.json) (`2023-12-19T21:15:08.290`)
* [CVE-2023-48738](CVE-2023/CVE-2023-487xx/CVE-2023-48738.json) (`2023-12-19T21:15:08.527`)
* [CVE-2023-48741](CVE-2023/CVE-2023-487xx/CVE-2023-48741.json) (`2023-12-19T21:15:08.737`)
* [CVE-2023-48764](CVE-2023/CVE-2023-487xx/CVE-2023-48764.json) (`2023-12-19T21:15:08.943`)
* [CVE-2023-49750](CVE-2023/CVE-2023-497xx/CVE-2023-49750.json) (`2023-12-19T21:15:09.137`)
* [CVE-2023-49764](CVE-2023/CVE-2023-497xx/CVE-2023-49764.json) (`2023-12-19T21:15:09.333`)
* [CVE-2023-49812](CVE-2023/CVE-2023-498xx/CVE-2023-49812.json) (`2023-12-19T21:15:09.530`)
* [CVE-2023-50466](CVE-2023/CVE-2023-504xx/CVE-2023-50466.json) (`2023-12-19T21:15:09.740`)
* [CVE-2023-38126](CVE-2023/CVE-2023-381xx/CVE-2023-38126.json) (`2023-12-19T22:15:07.460`)
* [CVE-2023-42940](CVE-2023/CVE-2023-429xx/CVE-2023-42940.json) (`2023-12-19T22:15:07.630`)
* [CVE-2023-46624](CVE-2023/CVE-2023-466xx/CVE-2023-46624.json) (`2023-12-19T22:15:07.673`)
* [CVE-2023-47146](CVE-2023/CVE-2023-471xx/CVE-2023-47146.json) (`2023-12-19T22:15:07.863`)
* [CVE-2023-47267](CVE-2023/CVE-2023-472xx/CVE-2023-47267.json) (`2023-12-19T22:15:08.060`)
* [CVE-2023-49004](CVE-2023/CVE-2023-490xx/CVE-2023-49004.json) (`2023-12-19T22:15:08.103`)
* [CVE-2023-49164](CVE-2023/CVE-2023-491xx/CVE-2023-49164.json) (`2023-12-19T22:15:08.143`)
* [CVE-2023-50835](CVE-2023/CVE-2023-508xx/CVE-2023-50835.json) (`2023-12-19T22:15:08.330`)
* [CVE-2023-45172](CVE-2023/CVE-2023-451xx/CVE-2023-45172.json) (`2023-12-19T23:15:07.707`)
* [CVE-2023-49147](CVE-2023/CVE-2023-491xx/CVE-2023-49147.json) (`2023-12-19T23:15:07.903`)
* [CVE-2023-6928](CVE-2023/CVE-2023-69xx/CVE-2023-6928.json) (`2023-12-19T23:15:08.020`)
* [CVE-2023-6929](CVE-2023/CVE-2023-69xx/CVE-2023-6929.json) (`2023-12-19T23:15:08.220`)
* [CVE-2023-6930](CVE-2023/CVE-2023-69xx/CVE-2023-6930.json) (`2023-12-19T23:15:08.410`)
* [CVE-2023-42012](CVE-2023/CVE-2023-420xx/CVE-2023-42012.json) (`2023-12-20T00:15:08.190`)
* [CVE-2023-42013](CVE-2023/CVE-2023-420xx/CVE-2023-42013.json) (`2023-12-20T00:15:08.383`)
* [CVE-2023-45887](CVE-2023/CVE-2023-458xx/CVE-2023-45887.json) (`2023-12-20T00:15:08.613`)
* [CVE-2023-47161](CVE-2023/CVE-2023-471xx/CVE-2023-47161.json) (`2023-12-20T00:15:08.670`)
* [CVE-2023-50703](CVE-2023/CVE-2023-507xx/CVE-2023-50703.json) (`2023-12-20T00:15:08.877`)
* [CVE-2023-50704](CVE-2023/CVE-2023-507xx/CVE-2023-50704.json) (`2023-12-20T00:15:09.070`)
* [CVE-2023-50705](CVE-2023/CVE-2023-507xx/CVE-2023-50705.json) (`2023-12-20T00:15:09.257`)
* [CVE-2023-50706](CVE-2023/CVE-2023-507xx/CVE-2023-50706.json) (`2023-12-20T00:15:09.437`)
* [CVE-2023-50707](CVE-2023/CVE-2023-507xx/CVE-2023-50707.json) (`2023-12-20T00:15:09.643`)
* [CVE-2023-6689](CVE-2023/CVE-2023-66xx/CVE-2023-6689.json) (`2023-12-20T00:15:09.850`)
### CVEs modified in the last Commit
Recently modified CVEs: `8`
Recently modified CVEs: `2`
* [CVE-2023-3511](CVE-2023/CVE-2023-35xx/CVE-2023-3511.json) (`2023-12-19T21:14:37.470`)
* [CVE-2023-42883](CVE-2023/CVE-2023-428xx/CVE-2023-42883.json) (`2023-12-19T21:15:08.097`)
* [CVE-2023-43826](CVE-2023/CVE-2023-438xx/CVE-2023-43826.json) (`2023-12-19T21:15:08.190`)
* [CVE-2023-6265](CVE-2023/CVE-2023-62xx/CVE-2023-6265.json) (`2023-12-19T21:15:09.793`)
* [CVE-2023-3904](CVE-2023/CVE-2023-39xx/CVE-2023-3904.json) (`2023-12-19T21:41:11.020`)
* [CVE-2023-49159](CVE-2023/CVE-2023-491xx/CVE-2023-49159.json) (`2023-12-19T22:54:58.657`)
* [CVE-2023-5061](CVE-2023/CVE-2023-50xx/CVE-2023-5061.json) (`2023-12-19T22:55:31.227`)
* [CVE-2023-5512](CVE-2023/CVE-2023-55xx/CVE-2023-5512.json) (`2023-12-19T22:56:44.743`)
* [CVE-2023-42940](CVE-2023/CVE-2023-429xx/CVE-2023-42940.json) (`2023-12-19T23:15:07.657`)
* [CVE-2023-50917](CVE-2023/CVE-2023-509xx/CVE-2023-50917.json) (`2023-12-19T23:15:07.950`)
## Download and Usage