From d5f292ce7c8e5024534f85eb0853def128e58d3c Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Wed, 6 Sep 2023 14:00:28 +0000 Subject: [PATCH] Auto-Update: 2023-09-06T14:00:24.750541+00:00 --- CVE-2023/CVE-2023-209xx/CVE-2023-20900.json | 139 +++++++++++++++++++- CVE-2023/CVE-2023-275xx/CVE-2023-27523.json | 55 ++++++++ CVE-2023/CVE-2023-275xx/CVE-2023-27526.json | 55 ++++++++ CVE-2023/CVE-2023-363xx/CVE-2023-36387.json | 55 ++++++++ CVE-2023/CVE-2023-363xx/CVE-2023-36388.json | 55 ++++++++ CVE-2023/CVE-2023-391xx/CVE-2023-39135.json | 86 +++++++++++- CVE-2023/CVE-2023-391xx/CVE-2023-39136.json | 83 +++++++++++- CVE-2023/CVE-2023-392xx/CVE-2023-39264.json | 55 ++++++++ CVE-2023/CVE-2023-411xx/CVE-2023-41149.json | 24 ++++ CVE-2023/CVE-2023-411xx/CVE-2023-41150.json | 24 ++++ CVE-2023/CVE-2023-419xx/CVE-2023-41930.json | 20 +++ CVE-2023/CVE-2023-419xx/CVE-2023-41931.json | 20 +++ CVE-2023/CVE-2023-419xx/CVE-2023-41932.json | 20 +++ CVE-2023/CVE-2023-419xx/CVE-2023-41933.json | 20 +++ CVE-2023/CVE-2023-419xx/CVE-2023-41934.json | 20 +++ CVE-2023/CVE-2023-419xx/CVE-2023-41935.json | 20 +++ CVE-2023/CVE-2023-419xx/CVE-2023-41936.json | 20 +++ CVE-2023/CVE-2023-419xx/CVE-2023-41937.json | 20 +++ CVE-2023/CVE-2023-419xx/CVE-2023-41938.json | 20 +++ CVE-2023/CVE-2023-419xx/CVE-2023-41939.json | 20 +++ CVE-2023/CVE-2023-419xx/CVE-2023-41940.json | 20 +++ CVE-2023/CVE-2023-419xx/CVE-2023-41941.json | 20 +++ CVE-2023/CVE-2023-419xx/CVE-2023-41942.json | 20 +++ CVE-2023/CVE-2023-419xx/CVE-2023-41943.json | 20 +++ CVE-2023/CVE-2023-419xx/CVE-2023-41944.json | 20 +++ CVE-2023/CVE-2023-419xx/CVE-2023-41945.json | 20 +++ CVE-2023/CVE-2023-419xx/CVE-2023-41946.json | 20 +++ CVE-2023/CVE-2023-419xx/CVE-2023-41947.json | 20 +++ CVE-2023/CVE-2023-45xx/CVE-2023-4588.json | 55 ++++++++ CVE-2023/CVE-2023-45xx/CVE-2023-4589.json | 55 ++++++++ README.md | 50 ++++--- 31 files changed, 1115 insertions(+), 36 deletions(-) create mode 100644 CVE-2023/CVE-2023-275xx/CVE-2023-27523.json create mode 100644 CVE-2023/CVE-2023-275xx/CVE-2023-27526.json create mode 100644 CVE-2023/CVE-2023-363xx/CVE-2023-36387.json create mode 100644 CVE-2023/CVE-2023-363xx/CVE-2023-36388.json create mode 100644 CVE-2023/CVE-2023-392xx/CVE-2023-39264.json create mode 100644 CVE-2023/CVE-2023-411xx/CVE-2023-41149.json create mode 100644 CVE-2023/CVE-2023-411xx/CVE-2023-41150.json create mode 100644 CVE-2023/CVE-2023-419xx/CVE-2023-41930.json create mode 100644 CVE-2023/CVE-2023-419xx/CVE-2023-41931.json create mode 100644 CVE-2023/CVE-2023-419xx/CVE-2023-41932.json create mode 100644 CVE-2023/CVE-2023-419xx/CVE-2023-41933.json create mode 100644 CVE-2023/CVE-2023-419xx/CVE-2023-41934.json create mode 100644 CVE-2023/CVE-2023-419xx/CVE-2023-41935.json create mode 100644 CVE-2023/CVE-2023-419xx/CVE-2023-41936.json create mode 100644 CVE-2023/CVE-2023-419xx/CVE-2023-41937.json create mode 100644 CVE-2023/CVE-2023-419xx/CVE-2023-41938.json create mode 100644 CVE-2023/CVE-2023-419xx/CVE-2023-41939.json create mode 100644 CVE-2023/CVE-2023-419xx/CVE-2023-41940.json create mode 100644 CVE-2023/CVE-2023-419xx/CVE-2023-41941.json create mode 100644 CVE-2023/CVE-2023-419xx/CVE-2023-41942.json create mode 100644 CVE-2023/CVE-2023-419xx/CVE-2023-41943.json create mode 100644 CVE-2023/CVE-2023-419xx/CVE-2023-41944.json create mode 100644 CVE-2023/CVE-2023-419xx/CVE-2023-41945.json create mode 100644 CVE-2023/CVE-2023-419xx/CVE-2023-41946.json create mode 100644 CVE-2023/CVE-2023-419xx/CVE-2023-41947.json create mode 100644 CVE-2023/CVE-2023-45xx/CVE-2023-4588.json create mode 100644 CVE-2023/CVE-2023-45xx/CVE-2023-4589.json diff --git a/CVE-2023/CVE-2023-209xx/CVE-2023-20900.json b/CVE-2023/CVE-2023-209xx/CVE-2023-20900.json index 3543179fb5f..0d5de0deae2 100644 --- a/CVE-2023/CVE-2023-209xx/CVE-2023-20900.json +++ b/CVE-2023/CVE-2023-209xx/CVE-2023-20900.json @@ -2,16 +2,36 @@ "id": "CVE-2023-20900", "sourceIdentifier": "security@vmware.com", "published": "2023-08-31T10:15:08.247", - "lastModified": "2023-09-01T07:15:09.817", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-06T13:37:21.147", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", - "value": "VMware Tools contains a SAML token signature bypass vulnerability.\u00a0A malicious actor with man-in-the-middle (MITM) network positioning in the virtual machine network may be able to bypass SAML token signature verification, to perform VMware Tools Guest Operations.\n\n\n\n\n\n\n\n\n\n\n\n" + "value": "A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html \u00a0in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html ." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + }, { "source": "security@vmware.com", "type": "Secondary", @@ -34,14 +54,123 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-294" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vmware:tools:*:*:*:*:*:*:*:*", + "versionStartIncluding": "10.3.0", + "versionEndExcluding": "12.3.0", + "matchCriteriaId": "760FD9D8-9866-4EAE-AA33-8D043AA8C043" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vmware:tools:*:*:*:*:*:*:*:*", + "versionStartIncluding": "10.3.0", + "versionEndExcluding": "10.3.26", + "matchCriteriaId": "D42F54B9-EF73-47F8-8914-383B974AA501" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", + "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vmware:open_vm_tools:*:*:*:*:*:*:*:*", + "versionStartIncluding": "10.3.0", + "versionEndExcluding": "12.3.0", + "matchCriteriaId": "E93872A3-3D1E-4A62-B5E2-170E46571997" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", + "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/08/31/1", - "source": "security@vmware.com" + "source": "security@vmware.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://www.vmware.com/security/advisories/VMSA-2023-0019.html", - "source": "security@vmware.com" + "source": "security@vmware.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-275xx/CVE-2023-27523.json b/CVE-2023/CVE-2023-275xx/CVE-2023-27523.json new file mode 100644 index 00000000000..f9a2cc12556 --- /dev/null +++ b/CVE-2023/CVE-2023-275xx/CVE-2023-27523.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-27523", + "sourceIdentifier": "security@apache.org", + "published": "2023-09-06T13:15:08.017", + "lastModified": "2023-09-06T13:15:08.017", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper data authorization check on Jinja templated queries in Apache Superset\u00a0up to and including 2.1.0 allows for an authenticated user to issue queries on database tables they may not have access to.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@apache.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.0, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/3y97nmwm956b6zg3l8dh9oj0w7dj945h", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-275xx/CVE-2023-27526.json b/CVE-2023/CVE-2023-275xx/CVE-2023-27526.json new file mode 100644 index 00000000000..64da0345f68 --- /dev/null +++ b/CVE-2023/CVE-2023-275xx/CVE-2023-27526.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-27526", + "sourceIdentifier": "security@apache.org", + "published": "2023-09-06T13:15:08.300", + "lastModified": "2023-09-06T13:15:08.300", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A non Admin authenticated user could incorrectly create resources using the import charts feature, on Apache Superset up to and including 2.1.0.\u00a0\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@apache.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/ndww89yl2jd98lvn23n9cj722lfdg8dv", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-363xx/CVE-2023-36387.json b/CVE-2023/CVE-2023-363xx/CVE-2023-36387.json new file mode 100644 index 00000000000..dff8fe49d3c --- /dev/null +++ b/CVE-2023/CVE-2023-363xx/CVE-2023-36387.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-36387", + "sourceIdentifier": "security@apache.org", + "published": "2023-09-06T13:15:08.537", + "lastModified": "2023-09-06T13:15:08.537", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An improper default REST API permission for Gamma users in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma user to test database connections.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@apache.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/tt6s6hm8nv6s11z8bfsk3r3d9ov0ogw3", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-363xx/CVE-2023-36388.json b/CVE-2023/CVE-2023-363xx/CVE-2023-36388.json new file mode 100644 index 00000000000..fe50b09c84b --- /dev/null +++ b/CVE-2023/CVE-2023-363xx/CVE-2023-36388.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-36388", + "sourceIdentifier": "security@apache.org", + "published": "2023-09-06T13:15:08.747", + "lastModified": "2023-09-06T13:15:08.747", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper REST API permission in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma users to test network connections, possible SSRF.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@apache.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/ccmjjz4jp17yc2kcd18qshmdtf7qorfs", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-391xx/CVE-2023-39135.json b/CVE-2023/CVE-2023-391xx/CVE-2023-39135.json index 452a211893c..416a86e43d0 100644 --- a/CVE-2023/CVE-2023-391xx/CVE-2023-39135.json +++ b/CVE-2023/CVE-2023-391xx/CVE-2023-39135.json @@ -2,31 +2,103 @@ "id": "CVE-2023-39135", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-30T22:15:08.920", - "lastModified": "2023-08-31T10:02:10.690", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-06T13:12:18.997", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue in Zip Swift v2.1.2 allows attackers to execute a path traversal attack via a crafted zip entry." + }, + { + "lang": "es", + "value": "Un problema en Zip Swift v2.1.2 permite a los atacantes ejecutar un ataque de salto de ruta a trav\u00e9s de una entrada .zip manipulada. " + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:marmelroy:zip:2.1.2:*:*:*:*:*:*:*", + "matchCriteriaId": "BA37A87A-CC3E-41F3-92EB-A0E2F141C0E9" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://blog.ostorlab.co/zip-packages-exploitation.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/marmelroy/Zip/issues/245", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://ostorlab.co/vulndb/advisory/OVE-2023-1", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://security.snyk.io/research/zip-slip-vulnerability", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-391xx/CVE-2023-39136.json b/CVE-2023/CVE-2023-391xx/CVE-2023-39136.json index 26fc581a0ca..771f1408702 100644 --- a/CVE-2023/CVE-2023-391xx/CVE-2023-39136.json +++ b/CVE-2023/CVE-2023-391xx/CVE-2023-39136.json @@ -2,31 +2,100 @@ "id": "CVE-2023-39136", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-30T22:15:08.977", - "lastModified": "2023-08-31T10:02:10.690", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-06T12:41:25.233", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An unhandled edge case in the component _sanitizedPath of ZipArchive v2.5.4 allows attackers to cause a Denial of Service (DoS) via a crafted zip file." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ziparchive_project:ziparchive:2.5.4:*:*:*:*:*:*:*", + "matchCriteriaId": "588B005C-A0E6-4EC3-AD83-F65BD3E3A4FF" + } + ] + } + ] + } + ], "references": [ { "url": "https://blog.ostorlab.co/zip-packages-exploitation.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/ZipArchive/ZipArchive/issues/680", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Patch", + "Vendor Advisory" + ] }, { "url": "https://ostorlab.co/vulndb/advisory/OVE-2023-2", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://security.snyk.io/research/zip-slip-vulnerability", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-392xx/CVE-2023-39264.json b/CVE-2023/CVE-2023-392xx/CVE-2023-39264.json new file mode 100644 index 00000000000..4637c00683e --- /dev/null +++ b/CVE-2023/CVE-2023-392xx/CVE-2023-39264.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-39264", + "sourceIdentifier": "security@apache.org", + "published": "2023-09-06T13:15:08.927", + "lastModified": "2023-09-06T13:15:08.927", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "By default, stack traces for errors were enabled, which resulted in the exposure of internal traces on REST API endpoints to users.\u00a0This vulnerability exists in Apache Superset versions up to and including 2.1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@apache.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-209" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/y65t1of7hb445n86o1vdzjct7rfwlx75", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-411xx/CVE-2023-41149.json b/CVE-2023/CVE-2023-411xx/CVE-2023-41149.json new file mode 100644 index 00000000000..d5745ee0a97 --- /dev/null +++ b/CVE-2023/CVE-2023-411xx/CVE-2023-41149.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-41149", + "sourceIdentifier": "vultures@jpcert.or.jp", + "published": "2023-09-06T13:15:09.117", + "lastModified": "2023-09-06T13:15:09.117", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "F-RevoCRM version7.3.7 and version7.3.8 contains an OS command injection vulnerability. If this vulnerability is exploited, an attacker who can access the product may execute an arbitrary OS command on the server where the product is running." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://jvn.jp/en/jp/JVN78113802/", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://f-revocrm.jp/2023/08/9394/", + "source": "vultures@jpcert.or.jp" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-411xx/CVE-2023-41150.json b/CVE-2023/CVE-2023-411xx/CVE-2023-41150.json new file mode 100644 index 00000000000..932a21ccda0 --- /dev/null +++ b/CVE-2023/CVE-2023-411xx/CVE-2023-41150.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-41150", + "sourceIdentifier": "vultures@jpcert.or.jp", + "published": "2023-09-06T13:15:09.247", + "lastModified": "2023-09-06T13:15:09.247", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "F-RevoCRM 7.3 series prior to version7.3.8 contains a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using the product." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://jvn.jp/en/jp/JVN78113802/", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://f-revocrm.jp/2023/08/9394/", + "source": "vultures@jpcert.or.jp" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-419xx/CVE-2023-41930.json b/CVE-2023/CVE-2023-419xx/CVE-2023-41930.json new file mode 100644 index 00000000000..ec149d816e3 --- /dev/null +++ b/CVE-2023/CVE-2023-419xx/CVE-2023-41930.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-41930", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-09-06T13:15:09.377", + "lastModified": "2023-09-06T13:15:09.377", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Jenkins Job Configuration History Plugin 1227.v7a_79fc4dc01f and earlier does not restrict the 'name' query parameter when rendering a history entry, allowing attackers to have Jenkins render a manipulated configuration history that was not created by the plugin." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-09-06/#SECURITY-3233", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-419xx/CVE-2023-41931.json b/CVE-2023/CVE-2023-419xx/CVE-2023-41931.json new file mode 100644 index 00000000000..69e208fc50e --- /dev/null +++ b/CVE-2023/CVE-2023-419xx/CVE-2023-41931.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-41931", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-09-06T13:15:09.577", + "lastModified": "2023-09-06T13:15:09.577", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Jenkins Job Configuration History Plugin 1227.v7a_79fc4dc01f and earlier does not property sanitize or escape the timestamp value from history entries when rendering a history entry on the history view, resulting in a stored cross-site scripting (XSS) vulnerability." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-09-06/#SECURITY-3233", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-419xx/CVE-2023-41932.json b/CVE-2023/CVE-2023-419xx/CVE-2023-41932.json new file mode 100644 index 00000000000..50c011ba84e --- /dev/null +++ b/CVE-2023/CVE-2023-419xx/CVE-2023-41932.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-41932", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-09-06T13:15:09.770", + "lastModified": "2023-09-06T13:15:09.770", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Jenkins Job Configuration History Plugin 1227.v7a_79fc4dc01f and earlier does not restrict 'timestamp' query parameters in multiple endpoints, allowing attackers with to delete attacker-specified directories on the Jenkins controller file system as long as they contain a file called 'history.xml'." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-09-06/#SECURITY-3235", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-419xx/CVE-2023-41933.json b/CVE-2023/CVE-2023-419xx/CVE-2023-41933.json new file mode 100644 index 00000000000..ecbaf7231cb --- /dev/null +++ b/CVE-2023/CVE-2023-419xx/CVE-2023-41933.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-41933", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-09-06T13:15:10.000", + "lastModified": "2023-09-06T13:15:10.000", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Jenkins Job Configuration History Plugin 1227.v7a_79fc4dc01f and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-09-06/#SECURITY-3235", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-419xx/CVE-2023-41934.json b/CVE-2023/CVE-2023-419xx/CVE-2023-41934.json new file mode 100644 index 00000000000..70d8b8ad8d3 --- /dev/null +++ b/CVE-2023/CVE-2023-419xx/CVE-2023-41934.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-41934", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-09-06T13:15:10.073", + "lastModified": "2023-09-06T13:15:10.073", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Jenkins Pipeline Maven Integration Plugin 1330.v18e473854496 and earlier does not properly mask (i.e., replace with asterisks) usernames of credentials specified in custom Maven settings in Pipeline build logs if \"Treat username as secret\" is checked." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-09-06/#SECURITY-3257", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-419xx/CVE-2023-41935.json b/CVE-2023/CVE-2023-419xx/CVE-2023-41935.json new file mode 100644 index 00000000000..8f0cc9c6b1f --- /dev/null +++ b/CVE-2023/CVE-2023-419xx/CVE-2023-41935.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-41935", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-09-06T13:15:10.297", + "lastModified": "2023-09-06T13:15:10.297", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Jenkins Azure AD Plugin 396.v86ce29279947 and earlier, except 378.380.v545b_1154b_3fb_, uses a non-constant time comparison function when checking whether the provided and expected CSRF protection nonce are equal, potentially allowing attackers to use statistical methods to obtain a valid nonce." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-09-06/#SECURITY-3227", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-419xx/CVE-2023-41936.json b/CVE-2023/CVE-2023-419xx/CVE-2023-41936.json new file mode 100644 index 00000000000..943d98aa3e0 --- /dev/null +++ b/CVE-2023/CVE-2023-419xx/CVE-2023-41936.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-41936", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-09-06T13:15:10.367", + "lastModified": "2023-09-06T13:15:10.367", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Jenkins Google Login Plugin 1.7 and earlier uses a non-constant time comparison function when checking whether the provided and expected token are equal, potentially allowing attackers to use statistical methods to obtain a valid token." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-09-06/#SECURITY-3228", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-419xx/CVE-2023-41937.json b/CVE-2023/CVE-2023-419xx/CVE-2023-41937.json new file mode 100644 index 00000000000..c4e0bba61df --- /dev/null +++ b/CVE-2023/CVE-2023-419xx/CVE-2023-41937.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-41937", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-09-06T13:15:10.593", + "lastModified": "2023-09-06T13:15:10.593", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Jenkins Bitbucket Push and Pull Request Plugin 2.4.0 through 2.8.3 (both inclusive) trusts values provided in the webhook payload, including certain URLs, and uses configured Bitbucket credentials to connect to those URLs, allowing attackers to capture Bitbucket credentials stored in Jenkins by sending a crafted webhook payload." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-09-06/#SECURITY-3165", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-419xx/CVE-2023-41938.json b/CVE-2023/CVE-2023-419xx/CVE-2023-41938.json new file mode 100644 index 00000000000..119cde1dcd7 --- /dev/null +++ b/CVE-2023/CVE-2023-419xx/CVE-2023-41938.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-41938", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-09-06T13:15:10.660", + "lastModified": "2023-09-06T13:15:10.660", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A cross-site request forgery (CSRF) vulnerability in Jenkins Ivy Plugin 2.5 and earlier allows attackers to delete disabled modules." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-09-06/#SECURITY-3093", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-419xx/CVE-2023-41939.json b/CVE-2023/CVE-2023-419xx/CVE-2023-41939.json new file mode 100644 index 00000000000..a81ad0adc6f --- /dev/null +++ b/CVE-2023/CVE-2023-419xx/CVE-2023-41939.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-41939", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-09-06T13:15:10.867", + "lastModified": "2023-09-06T13:15:10.867", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Jenkins SSH2 Easy Plugin 1.4 and earlier does not verify that permissions configured to be granted are enabled, potentially allowing users formerly granted (typically optional permissions, like Overall/Manage) to access functionality they're no longer entitled to." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-09-06/#SECURITY-3064", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-419xx/CVE-2023-41940.json b/CVE-2023/CVE-2023-419xx/CVE-2023-41940.json new file mode 100644 index 00000000000..4a07fc72a3c --- /dev/null +++ b/CVE-2023/CVE-2023-419xx/CVE-2023-41940.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-41940", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-09-06T13:15:11.027", + "lastModified": "2023-09-06T13:15:11.027", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Jenkins TAP Plugin 2.3 and earlier does not escape TAP file contents, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control TAP file contents." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-09-06/#SECURITY-3190", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-419xx/CVE-2023-41941.json b/CVE-2023/CVE-2023-419xx/CVE-2023-41941.json new file mode 100644 index 00000000000..31bf3d545a6 --- /dev/null +++ b/CVE-2023/CVE-2023-419xx/CVE-2023-41941.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-41941", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-09-06T13:15:11.107", + "lastModified": "2023-09-06T13:15:11.107", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A missing permission check in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of AWS credentials stored in Jenkins." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-09-06/#SECURITY-3101%20(1)", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-419xx/CVE-2023-41942.json b/CVE-2023/CVE-2023-419xx/CVE-2023-41942.json new file mode 100644 index 00000000000..b543297bf4b --- /dev/null +++ b/CVE-2023/CVE-2023-419xx/CVE-2023-41942.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-41942", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-09-06T13:15:11.217", + "lastModified": "2023-09-06T13:15:11.217", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A cross-site request forgery (CSRF) vulnerability in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers to clear the SQS queue." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-09-06/#SECURITY-3101%20(2)", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-419xx/CVE-2023-41943.json b/CVE-2023/CVE-2023-419xx/CVE-2023-41943.json new file mode 100644 index 00000000000..bb2b1485dcc --- /dev/null +++ b/CVE-2023/CVE-2023-419xx/CVE-2023-41943.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-41943", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-09-06T13:15:11.433", + "lastModified": "2023-09-06T13:15:11.433", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to clear the SQS queue." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-09-06/#SECURITY-3101%20(2)", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-419xx/CVE-2023-41944.json b/CVE-2023/CVE-2023-419xx/CVE-2023-41944.json new file mode 100644 index 00000000000..e8cfbd5fa3a --- /dev/null +++ b/CVE-2023/CVE-2023-419xx/CVE-2023-41944.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-41944", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-09-06T13:15:11.553", + "lastModified": "2023-09-06T13:15:11.553", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not escape the queue name parameter passed to a form validation URL, when rendering an error message, resulting in an HTML injection vulnerability." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-09-06/#SECURITY-3102", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-419xx/CVE-2023-41945.json b/CVE-2023/CVE-2023-419xx/CVE-2023-41945.json new file mode 100644 index 00000000000..e03d991707c --- /dev/null +++ b/CVE-2023/CVE-2023-419xx/CVE-2023-41945.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-41945", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-09-06T13:15:11.770", + "lastModified": "2023-09-06T13:15:11.770", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Jenkins Assembla Auth Plugin 1.14 and earlier does not verify that the permissions it grants are enabled, resulting in users with EDIT permissions to be granted Overall/Manage and Overall/SystemRead permissions, even if those permissions are disabled and should not be granted." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-09-06/#SECURITY-3065", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-419xx/CVE-2023-41946.json b/CVE-2023/CVE-2023-419xx/CVE-2023-41946.json new file mode 100644 index 00000000000..f4d597db5fe --- /dev/null +++ b/CVE-2023/CVE-2023-419xx/CVE-2023-41946.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-41946", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-09-06T13:15:11.887", + "lastModified": "2023-09-06T13:15:11.887", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A cross-site request forgery (CSRF) vulnerability in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers to connect to Frugal Testing using attacker-specified credentials, and to retrieve test IDs and names from Frugal Testing, if a valid credential corresponds to the attacker-specified username." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-09-06/#SECURITY-3082", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-419xx/CVE-2023-41947.json b/CVE-2023/CVE-2023-419xx/CVE-2023-41947.json new file mode 100644 index 00000000000..d4c16949e40 --- /dev/null +++ b/CVE-2023/CVE-2023-419xx/CVE-2023-41947.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-41947", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-09-06T13:15:11.973", + "lastModified": "2023-09-06T13:15:11.973", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A missing permission check in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers with Overall/Read permission to connect to Frugal Testing using attacker-specified credentials." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-09-06/#SECURITY-3082", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4588.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4588.json new file mode 100644 index 00000000000..ce3e96af4a0 --- /dev/null +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4588.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-4588", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2023-09-06T12:15:07.827", + "lastModified": "2023-09-06T12:15:07.827", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "File accessibility vulnerability in Delinea Secret Server, in its v10.9.000002 and v11.4.000002 versions. Exploitation of this vulnerability could allow an authenticated user with administrative privileges to create a backup file in the application's webroot directory, changing the default backup directory to the wwwroot folder, and download it with some configuration files such as encryption.config/ and database.config stored in the wwwroot directory, exposing the database credentials in plain text." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-552" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-delinea-secret-server", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4589.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4589.json new file mode 100644 index 00000000000..e2877ce4ca1 --- /dev/null +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4589.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-4589", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2023-09-06T12:15:07.967", + "lastModified": "2023-09-06T12:15:07.967", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Insufficient verification of data authenticity vulnerability in Delinea Secret Server, in its v10.9.000002 version. An attacker with an administrator account could perform software updates without proper integrity verification mechanisms. In this scenario, the update process lacks digital signatures and fails to validate the integrity of the update package, allowing the attacker to inject malicious applications during the update." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.3, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-345" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-delinea-secret-server", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index ba1631003d0..ccd2a20ac6a 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-09-06T12:00:25.097952+00:00 +2023-09-06T14:00:24.750541+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-09-06T10:15:15.097000+00:00 +2023-09-06T13:37:21.147000+00:00 ``` ### Last Data Feed Release @@ -29,31 +29,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -224340 +224367 ``` ### CVEs added in the last Commit -Recently added CVEs: `12` +Recently added CVEs: `27` -* [CVE-2023-31188](CVE-2023/CVE-2023-311xx/CVE-2023-31188.json) (`2023-09-06T10:15:13.183`) -* [CVE-2023-32619](CVE-2023/CVE-2023-326xx/CVE-2023-32619.json) (`2023-09-06T10:15:13.650`) -* [CVE-2023-36489](CVE-2023/CVE-2023-364xx/CVE-2023-36489.json) (`2023-09-06T10:15:13.710`) -* [CVE-2023-37284](CVE-2023/CVE-2023-372xx/CVE-2023-37284.json) (`2023-09-06T10:15:13.770`) -* [CVE-2023-38563](CVE-2023/CVE-2023-385xx/CVE-2023-38563.json) (`2023-09-06T10:15:14.030`) -* [CVE-2023-38568](CVE-2023/CVE-2023-385xx/CVE-2023-38568.json) (`2023-09-06T10:15:14.273`) -* [CVE-2023-38588](CVE-2023/CVE-2023-385xx/CVE-2023-38588.json) (`2023-09-06T10:15:14.490`) -* [CVE-2023-39224](CVE-2023/CVE-2023-392xx/CVE-2023-39224.json) (`2023-09-06T10:15:14.587`) -* [CVE-2023-39935](CVE-2023/CVE-2023-399xx/CVE-2023-39935.json) (`2023-09-06T10:15:14.643`) -* [CVE-2023-40193](CVE-2023/CVE-2023-401xx/CVE-2023-40193.json) (`2023-09-06T10:15:14.697`) -* [CVE-2023-40357](CVE-2023/CVE-2023-403xx/CVE-2023-40357.json) (`2023-09-06T10:15:14.820`) -* [CVE-2023-40531](CVE-2023/CVE-2023-405xx/CVE-2023-40531.json) (`2023-09-06T10:15:15.097`) +* [CVE-2023-27523](CVE-2023/CVE-2023-275xx/CVE-2023-27523.json) (`2023-09-06T13:15:08.017`) +* [CVE-2023-27526](CVE-2023/CVE-2023-275xx/CVE-2023-27526.json) (`2023-09-06T13:15:08.300`) +* [CVE-2023-36387](CVE-2023/CVE-2023-363xx/CVE-2023-36387.json) (`2023-09-06T13:15:08.537`) +* [CVE-2023-36388](CVE-2023/CVE-2023-363xx/CVE-2023-36388.json) (`2023-09-06T13:15:08.747`) +* [CVE-2023-39264](CVE-2023/CVE-2023-392xx/CVE-2023-39264.json) (`2023-09-06T13:15:08.927`) +* [CVE-2023-41149](CVE-2023/CVE-2023-411xx/CVE-2023-41149.json) (`2023-09-06T13:15:09.117`) +* [CVE-2023-41150](CVE-2023/CVE-2023-411xx/CVE-2023-41150.json) (`2023-09-06T13:15:09.247`) +* [CVE-2023-41930](CVE-2023/CVE-2023-419xx/CVE-2023-41930.json) (`2023-09-06T13:15:09.377`) +* [CVE-2023-41931](CVE-2023/CVE-2023-419xx/CVE-2023-41931.json) (`2023-09-06T13:15:09.577`) +* [CVE-2023-41932](CVE-2023/CVE-2023-419xx/CVE-2023-41932.json) (`2023-09-06T13:15:09.770`) +* [CVE-2023-41933](CVE-2023/CVE-2023-419xx/CVE-2023-41933.json) (`2023-09-06T13:15:10.000`) +* [CVE-2023-41934](CVE-2023/CVE-2023-419xx/CVE-2023-41934.json) (`2023-09-06T13:15:10.073`) +* [CVE-2023-41935](CVE-2023/CVE-2023-419xx/CVE-2023-41935.json) (`2023-09-06T13:15:10.297`) +* [CVE-2023-41936](CVE-2023/CVE-2023-419xx/CVE-2023-41936.json) (`2023-09-06T13:15:10.367`) +* [CVE-2023-41937](CVE-2023/CVE-2023-419xx/CVE-2023-41937.json) (`2023-09-06T13:15:10.593`) +* [CVE-2023-41938](CVE-2023/CVE-2023-419xx/CVE-2023-41938.json) (`2023-09-06T13:15:10.660`) +* [CVE-2023-41939](CVE-2023/CVE-2023-419xx/CVE-2023-41939.json) (`2023-09-06T13:15:10.867`) +* [CVE-2023-41940](CVE-2023/CVE-2023-419xx/CVE-2023-41940.json) (`2023-09-06T13:15:11.027`) +* [CVE-2023-41941](CVE-2023/CVE-2023-419xx/CVE-2023-41941.json) (`2023-09-06T13:15:11.107`) +* [CVE-2023-41942](CVE-2023/CVE-2023-419xx/CVE-2023-41942.json) (`2023-09-06T13:15:11.217`) +* [CVE-2023-41943](CVE-2023/CVE-2023-419xx/CVE-2023-41943.json) (`2023-09-06T13:15:11.433`) +* [CVE-2023-41944](CVE-2023/CVE-2023-419xx/CVE-2023-41944.json) (`2023-09-06T13:15:11.553`) +* [CVE-2023-41945](CVE-2023/CVE-2023-419xx/CVE-2023-41945.json) (`2023-09-06T13:15:11.770`) +* [CVE-2023-41946](CVE-2023/CVE-2023-419xx/CVE-2023-41946.json) (`2023-09-06T13:15:11.887`) +* [CVE-2023-41947](CVE-2023/CVE-2023-419xx/CVE-2023-41947.json) (`2023-09-06T13:15:11.973`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `3` +* [CVE-2023-39136](CVE-2023/CVE-2023-391xx/CVE-2023-39136.json) (`2023-09-06T12:41:25.233`) +* [CVE-2023-39135](CVE-2023/CVE-2023-391xx/CVE-2023-39135.json) (`2023-09-06T13:12:18.997`) +* [CVE-2023-20900](CVE-2023/CVE-2023-209xx/CVE-2023-20900.json) (`2023-09-06T13:37:21.147`) ## Download and Usage