admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 11:37:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-11-29T03:00:20.030738+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-11-29 03:00:24 +00:00
parent b05a861304
commit d9a43d6c5d
32 changed files with 2146 additions and 125 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

132
CVE-2023/CVE-2023-202xx/CVE-2023-20208.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-20208",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-11-21T19:15:08.567",
"lastModified": "2023-11-21T20:31:33.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-29T02:37:33.630",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct an XSS attack against a user of the web-based management interface of an affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco ISE podr\u00eda permitir que un atacante remoto autenticado lleve a cabo un ataque XSS contra un usuario de la interfaz de administraci\u00f3n basada en web de un dispositivo afectado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -34,10 +58,112 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A1063044-BCD7-487F-9880-141C30547E36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch1:*:*:*:*:*:*",
"matchCriteriaId": "DA42E65A-7207-48B8-BE1B-0B352201BC09"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch2:*:*:*:*:*:*",
"matchCriteriaId": "75DDAF38-4D5F-4EE4-A428-68D28FC0DA96"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch3:*:*:*:*:*:*",
"matchCriteriaId": "C5FB6AA6-F8C9-48A6-BDDA-1D25C43564EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch4:*:*:*:*:*:*",
"matchCriteriaId": "2B3A267A-5FEA-426D-903E-BD3F4F94A1A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch5:*:*:*:*:*:*",
"matchCriteriaId": "B1B3207B-1B9C-41AA-8EF6-8478458462E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch6:*:*:*:*:*:*",
"matchCriteriaId": "C5B9E7F3-B0F2-4A6A-B939-A62E9B12CCEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch7:*:*:*:*:*:*",
"matchCriteriaId": "EF4C5A58-D0AE-48D6-9757-18C1D5BE5070"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:-:*:*:*:*:*:*",
"matchCriteriaId": "C4DB9726-532F-45CE-81FD-45F2F6C7CE51"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "2E8F0066-0EC0-41FD-80BE-55C4ED5F6B0E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch2:*:*:*:*:*:*",
"matchCriteriaId": "A1E81F86-7ED6-4D6C-8DAF-09EB2A7BC496"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch3:*:*:*:*:*:*",
"matchCriteriaId": "5D1765DB-1BEF-4CE9-8B86-B91F709600EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch4:*:*:*:*:*:*",
"matchCriteriaId": "3D1E80EF-C3FD-4F7A-B63D-0EAA5C878B11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch5:*:*:*:*:*:*",
"matchCriteriaId": "095F27EC-5713-4D4F-AD06-57D3DF068B90"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2:-:*:*:*:*:*:*",
"matchCriteriaId": "36722B6C-64A5-4D00-94E1-442878C37A35"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-mult-j-KxpNynR",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

161
CVE-2023/CVE-2023-202xx/CVE-2023-20265.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-20265",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-11-21T19:15:08.747",
"lastModified": "2023-11-21T20:31:33.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-29T02:37:14.087",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of a small subset of Cisco IP Phones could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to view a page containing malicious HTML or script content. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid credentials to access the web-based management interface of the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de un peque\u00f1o subconjunto de Cisco IP Phones podr\u00eda permitir que un atacante remoto autenticado lleve a cabo un ataque de cross-site scripting (XSS) almacenado contra un usuario de la interfaz en un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario de una interfaz afectada para que vea una p\u00e1gina que contenga HTML o script maliciosos. Un exploit exitoso podr\u00eda permitir al atacante ejecutar c\u00f3digo de script arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial basada en el navegador. Para aprovechar esta vulnerabilidad, el atacante debe tener credenciales v\u00e1lidas para acceder a la interfaz de administraci\u00f3n basada en web del dispositivo afectado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -34,10 +58,141 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ip_dect_110_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.1.2sr1",
"matchCriteriaId": "17BA3030-4791-4937-911A-0FA625BE4CFF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:ip_dect_110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E36E9DA-BF30-42FB-9B6C-40C39DDA9473"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ip_dect_210_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.1.2sr1",
"matchCriteriaId": "4C7C4EDF-AAE1-424A-A64D-B794611E9571"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:ip_dect_210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B6E163D-94B8-453B-8189-804A7C1DE8DA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:unified_ip_phone_6901_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.0",
"versionEndExcluding": "9.3\\(1\\)sr3",
"matchCriteriaId": "489B785B-BCC7-4D75-9A04-081CDCC49603"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:unified_ip_phone_6901:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12C78A9E-35FA-4CC7-B51F-25133B3D6DA9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:unified_sip_phone_3905_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.0",
"versionEndExcluding": "9.4\\(1\\)sr4",
"matchCriteriaId": "3A15605C-714B-4876-8C37-40A8C4A10ECA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:unified_sip_phone_3905:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14E1313A-F2D4-4F40-BC50-2D1BA2BBB4C7"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uipphone-xss-NcmUykqA",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

122
CVE-2023/CVE-2023-202xx/CVE-2023-20272.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-20272",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-11-21T19:15:08.920",
"lastModified": "2023-11-21T20:31:33.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-29T02:36:57.387",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to upload malicious files to the web root of the application. This vulnerability is due to insufficient file input validation. An attacker could exploit this vulnerability by uploading a malicious file to the web interface. A successful exploit could allow the attacker to replace files and gain access to sensitive server-side information."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Identity Services Engine podr\u00eda permitir que un atacante remoto autenticado cargue archivos maliciosos en la ra\u00edz web de la aplicaci\u00f3n. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada de archivos insuficiente. Un atacante podr\u00eda aprovechar esta vulnerabilidad cargando un archivo malicioso en la interfaz web. Un exploit exitoso podr\u00eda permitir al atacante reemplazar archivos y obtener acceso a informaci\u00f3n confidencial del lado del servidor."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -34,10 +58,102 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A1063044-BCD7-487F-9880-141C30547E36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch1:*:*:*:*:*:*",
"matchCriteriaId": "DA42E65A-7207-48B8-BE1B-0B352201BC09"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch2:*:*:*:*:*:*",
"matchCriteriaId": "75DDAF38-4D5F-4EE4-A428-68D28FC0DA96"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch3:*:*:*:*:*:*",
"matchCriteriaId": "C5FB6AA6-F8C9-48A6-BDDA-1D25C43564EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch4:*:*:*:*:*:*",
"matchCriteriaId": "2B3A267A-5FEA-426D-903E-BD3F4F94A1A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch5:*:*:*:*:*:*",
"matchCriteriaId": "B1B3207B-1B9C-41AA-8EF6-8478458462E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch6:*:*:*:*:*:*",
"matchCriteriaId": "C5B9E7F3-B0F2-4A6A-B939-A62E9B12CCEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch7:*:*:*:*:*:*",
"matchCriteriaId": "EF4C5A58-D0AE-48D6-9757-18C1D5BE5070"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:-:*:*:*:*:*:*",
"matchCriteriaId": "C4DB9726-532F-45CE-81FD-45F2F6C7CE51"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "2E8F0066-0EC0-41FD-80BE-55C4ED5F6B0E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch2:*:*:*:*:*:*",
"matchCriteriaId": "A1E81F86-7ED6-4D6C-8DAF-09EB2A7BC496"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch3:*:*:*:*:*:*",
"matchCriteriaId": "5D1765DB-1BEF-4CE9-8B86-B91F709600EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch4:*:*:*:*:*:*",
"matchCriteriaId": "3D1E80EF-C3FD-4F7A-B63D-0EAA5C878B11"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-mult-j-KxpNynR",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

187
CVE-2023/CVE-2023-202xx/CVE-2023-20274.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-20274",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-11-21T19:15:09.087",
"lastModified": "2023-11-21T20:31:33.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-29T02:36:46.983",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the installer script of Cisco AppDynamics PHP Agent could allow an authenticated, local attacker to elevate privileges on an affected device.\r\n\r This vulnerability is due to insufficient permissions that are set by the PHP Agent Installer on the PHP Agent install directory. An attacker could exploit this vulnerability by modifying objects in the PHP Agent install directory, which would run with the same privileges as PHP. A successful exploit could allow a lower-privileged attacker to elevate their privileges to root on an affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el script de instalaci\u00f3n de Cisco AppDynamics PHP Agent podr\u00eda permitir que un atacante local autenticado eleve los privilegios en un dispositivo afectado. Esta vulnerabilidad se debe a permisos insuficientes establecidos por el instalador del Agente PHP en el directorio de instalaci\u00f3n del Agente PHP. Un atacante podr\u00eda aprovechar esta vulnerabilidad modificando objetos en el directorio de instalaci\u00f3n del Agente PHP, que se ejecutar\u00eda con los mismos privilegios que PHP. Un exploit exitoso podr\u00eda permitir a un atacante con pocos privilegios elevar sus privilegios a root en un dispositivo afectado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -34,10 +58,167 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics:21.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5EF2D254-0CF2-4222-8A0F-287FEC8076EC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics:21.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "99B37EFD-038D-4EDF-94B0-B71CCFADEFEF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics:21.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD05623-01FA-4D93-B296-2350AB454440"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics:21.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "30CF7CE2-79AE-439D-B8BC-CFFEDBA31722"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics:21.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E95BBC50-C9C1-46B6-B2DB-648E0D13F9FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics:21.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36E10113-C233-4894-9275-A428A862603A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics:21.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F2410CD6-EBBE-4293-8520-8458BC48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics:21.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "115F3303-40E2-49DC-B258-EEAA7FD25FEF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics:21.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8B4CEE68-78AA-4D7C-85FD-F2CC8029F35B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics:21.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F5372D69-BA7B-4717-A114-B932B42E59A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics:21.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "340C12A6-C074-4D37-AADC-DF6BA1F80E9D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics:21.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AAC949D5-B682-4543-96D9-6A3F315722CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics:21.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E690D089-6743-4A53-AF37-F8F145A535AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics:21.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8AA69ED-46A8-44A0-B2BF-1E87DE16D500"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics:21.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "981D0B03-F48D-4171-A47C-C14F8477AC93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics:21.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "340F13D8-A7CE-4B4E-911C-AF09B904841B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics:22.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "05D3B1C5-6BD5-4216-BA52-B318EA090164"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E3789CA6-7074-4BA5-B299-2A37B42CC0D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics:22.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "090629EC-7BBA-4AD7-9273-03CA44213CE0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics:22.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "58162F8D-25CC-4568-9E08-8D33F80D1C05"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics:22.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AE76C4DC-1154-4851-AD29-0655F916F20A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics:22.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "82ED4CB3-83EB-49B1-AEED-7835C0B9546A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics:22.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D67688D6-2436-4AA2-B3DB-4F04591A3294"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics:22.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16B0356D-D0F9-4B5F-86F5-A0A197720725"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics:23.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B21D424-2EFF-403F-A66D-1A0BFC2DC915"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics:23.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9500E08E-CB71-42BD-81AB-90FA2BC9D005"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-appd-php-authpriv-gEBwTvu5",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

78
CVE-2023/CVE-2023-225xx/CVE-2023-22516.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-22516",
"sourceIdentifier": "security@atlassian.com",
"published": "2023-11-21T18:15:07.910",
"lastModified": "2023-11-21T20:31:33.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-29T02:36:29.390",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 8.1.0, 8.2.0, 9.0.0, 9.1.0, 9.2.0, and 9.3.0 of Bamboo Data Center and Server.\r\n\r\nThis RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.5, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction.\r\n\r\nAtlassian recommends that Bamboo Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:\r\n Bamboo Data Center and Server 9.2: Upgrade to a release greater than or equal to 9.2.7.\r\n JDK 1.8u121+ should be used in case Java 8 used to run Bamboo Data Center and Server. See Bamboo 9.2 Upgrade notes (https://confluence.atlassian.com/bambooreleases/bamboo-9-2-upgrade-notes-1207179212.html)\r\n\r\n Bamboo Data Center and Server 9.3: Upgrade to a release greater than or equal to 9.3.4\r\n\r\nSee the release notes ([https://confluence.atlassian.com/bambooreleases/bamboo-release-notes-1189793869.html]). You can download the latest version of Bamboo Data Center and Server from the download center ([https://www.atlassian.com/software/bamboo/download-archives]).\r\n\r\nThis vulnerability was discovered by a private user and reported via our Bug Bounty program"
},
{
"lang": "es",
"value": "Esta vulnerabilidad RCE (ejecuci\u00f3n remota de c\u00f3digo) de alta gravedad se introdujo en las versiones 8.1.0, 8.2.0, 9.0.0, 9.1.0, 9.2.0 y 9.3.0 de Bamboo Data Center and Server. Esta vulnerabilidad RCE (ejecuci\u00f3n remota de c\u00f3digo), con una puntuaci\u00f3n CVSS de 8.5, permite a un atacante autenticado ejecutar c\u00f3digo arbitrario que tiene un alto impacto en la confidencialidad, un alto impacto en la integridad, un alto impacto en la disponibilidad y no requiere interacci\u00f3n del usuario. Atlassian recomienda que los clientes de Bamboo Data Center and Server actualicen a la \u00faltima versi\u00f3n; si no puede hacerlo, actualice su instancia a una de las versiones fijas admitidas especificadas: Bamboo Data Center and Server 9.2: actualice a una versi\u00f3n superior o igual a 9.2.7. Se debe utilizar JDK 1.8u121+ en caso de que se utilice Java 8 para ejecutar Bamboo Data Center and Server. Consulte las notas de actualizaci\u00f3n de Bamboo 9.2 (https://confluence.atlassian.com/bambooreleases/bamboo-9-2-upgrade-notes-1207179212.html) Bamboo Data Center and Server 9.3: actualice a una versi\u00f3n superior o igual a 9.3. 4 Consulte las notas de la versi\u00f3n ([https://confluence.atlassian.com/bambooreleases/bamboo-release-notes-1189793869.html]). Puede descargar la \u00faltima versi\u00f3n de Bamboo Data Center and Server desde el centro de descargas ([https://www.atlassian.com/software/bamboo/download-archives]). Esta vulnerabilidad fue descubierta por un usuario privado y reportada a trav\u00e9s de nuestro programa Bug Bounty."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@atlassian.com",
@ -34,14 +60,58 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:bamboo:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.1.0",
"versionEndExcluding": "9.2.7",
"matchCriteriaId": "4BD39D93-971A-4C82-9090-E502D250851A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:bamboo:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.3.0",
"versionEndExcluding": "9.3.4",
"matchCriteriaId": "191F8EA5-2812-4A23-98AB-28C4843CDE15"
}
]
}
]
}
],
"references": [
{
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1318881573",
"source": "security@atlassian.com"
"source": "security@atlassian.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://jira.atlassian.com/browse/BAM-25168",
"source": "security@atlassian.com"
"source": "security@atlassian.com",
"tags": [
"Vendor Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-225xx/CVE-2023-22521.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-22521",
"sourceIdentifier": "security@atlassian.com",
"published": "2023-11-21T18:15:08.070",
"lastModified": "2023-11-21T20:31:33.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-29T02:36:19.223",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "This High severity RCE (Remote Code Execution) vulnerability was introduced in version 3.4.6 of Crowd Data Center and Server.\r\n\r\nThis RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.0, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction.\r\n\r\nAtlassian recommends that Crowd Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:\r\n Crowd Data Center and Server 3.4: Upgrade to a release greater than or equal to 5.1.6\r\n Crowd Data Center and Server 5.2: Upgrade to a release greater than or equal to 5.2.1\r\n\r\nSee the release notes ([https://confluence.atlassian.com/crowd/crowd-release-notes-199094.html]). You can download the latest version of Crowd Data Center and Server from the download center ([https://www.atlassian.com/software/crowd/download-archive]).\r\n\r\nThis vulnerability was discovered by m1sn0w and reported via our Bug Bounty program"
},
{
"lang": "es",
"value": "Esta vulnerabilidad RCE (ejecuci\u00f3n remota de c\u00f3digo) de alta gravedad se introdujo en la versi\u00f3n 3.4.6 de Crowd Data Center and Server. Esta vulnerabilidad RCE (ejecuci\u00f3n remota de c\u00f3digo), con una puntuaci\u00f3n CVSS de 8.0, permite a un atacante autenticado ejecutar c\u00f3digo arbitrario que tiene un alto impacto en la confidencialidad, un alto impacto en la integridad, un alto impacto en la disponibilidad y no requiere interacci\u00f3n del usuario. Atlassian recomienda que los clientes de Crowd Data Center and Server actualicen a la \u00faltima versi\u00f3n; si no pueden hacerlo, actualicen su instancia a una de las versiones fijas admitidas especificadas: Crowd Data Center and Server 3.4: actualice a una versi\u00f3n superior o igual a 5.1.6 Crowd Data Center and Server 5.2: actualice a una versi\u00f3n mayor o igual a 5.2.1 Consulte las notas de la versi\u00f3n ([https://confluence.atlassian.com/crowd/crowd-release-notes-199094.html] ). Puede descargar la \u00faltima versi\u00f3n de Crowd Data Center and Server desde el centro de descargas ([https://www.atlassian.com/software/crowd/download-archive]). Esta vulnerabilidad fue descubierta por m1sn0w y reportada a trav\u00e9s de nuestro programa Bug Bounty."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@atlassian.com",
@ -34,14 +60,56 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:crowd:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.4.0",
"versionEndExcluding": "5.1.6",
"matchCriteriaId": "BEC2841E-238A-437B-9394-FE7918EDF84A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:crowd:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7728C344-21D2-47CF-9DEB-A883487EE5D4"
}
]
}
]
}
],
"references": [
{
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1318881573",
"source": "security@atlassian.com"
"source": "security@atlassian.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://jira.atlassian.com/browse/CWD-6139",
"source": "security@atlassian.com"
"source": "security@atlassian.com",
"tags": [
"Vendor Advisory"
]
}
]
}

24
CVE-2023/CVE-2023-233xx/CVE-2023-23324.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-23324",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-29T01:15:07.127",
"lastModified": "2023-11-29T01:15:07.127",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account."
}
],
"metrics": {},
"references": [
{
"url": "http://zumtobel.com",
"source": "cve@mitre.org"
},
{
"url": "https://yoroi.company/en/research/cve-advisory-partial-disclosure-zumtobel-multiple-vulnerabilities/",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-233xx/CVE-2023-23325.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-23325",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-29T01:15:07.187",
"lastModified": "2023-11-29T01:15:07.187",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain a command injection vulnerability via the NetHostname parameter."
}
],
"metrics": {},
"references": [
{
"url": "http://zumtobel.com",
"source": "cve@mitre.org"
},
{
"url": "https://yoroi.company/en/research/cve-advisory-partial-disclosure-zumtobel-multiple-vulnerabilities/",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-242xx/CVE-2023-24294.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-24294",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-29T01:15:07.237",
"lastModified": "2023-11-29T01:15:07.237",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Zumtobel Netlink CCD Onboard v3.74 - Firmware v3.80 was discovered to contain a buffer overflow via the component NetlinkWeb::Information::SetDeviceIdentification."
}
],
"metrics": {},
"references": [
{
"url": "http://zumtobel.com",
"source": "cve@mitre.org"
},
{
"url": "https://yoroi.company/en/research/cve-advisory-partial-disclosure-zumtobel-multiple-vulnerabilities/",
"source": "cve@mitre.org"
}
]
}

51
CVE-2023/CVE-2023-28xx/CVE-2023-2889.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-2889",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2023-11-22T14:15:10.310",
"lastModified": "2023-11-22T15:12:25.450",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-29T02:25:43.980",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Veon Computer Service Tracking Software allows SQL Injection.This issue affects Service Tracking Software: through 20231122.\u00a0\n\nNOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n\n\n\n"
},
{
"lang": "es",
"value": "La neutralizaci\u00f3n inadecuada de elementos especiales utilizados en una vulnerabilidad de comando SQL ('inyecci\u00f3n SQL') en Veon Computer Service Tracking Software permite la inyecci\u00f3n SQL. Este problema afecta Service Tracking Software: hasta 20231122. NOTA: Se contact\u00f3 primeramente al proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "iletisim@usom.gov.tr",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:veom:service_tracking:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20231122",
"matchCriteriaId": "3828D333-CC9C-4BA5-8634-BC1523FD5C34"
}
]
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-23-0653",
"source": "iletisim@usom.gov.tr"
"source": "iletisim@usom.gov.tr",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-304xx/CVE-2023-30496.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30496",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-22T20:15:08.080",
"lastModified": "2023-11-24T15:24:57.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-29T02:29:39.327",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mage-people:bus_ticket_booking_with_seat_reservation:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "5.2.6",
"matchCriteriaId": "FDF80D79-1230-4BCA-B3B1-F2AC64CAB097"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/bus-ticket-booking-with-seat-reservation/wordpress-bus-ticket-booking-with-seat-reservation-plugin-5-2-5-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-362xx/CVE-2023-36281.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-36281",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:36.457",
"lastModified": "2023-11-17T19:15:08.907",
"lastModified": "2023-11-29T01:15:07.283",
"vulnStatus": "Modified",
"descriptions": [
{
@ -80,6 +80,10 @@
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/langchain-ai/langchain/releases/tag/v0.0.312",
"source": "cve@mitre.org"
}
]
}

12
CVE-2023/CVE-2023-468xx/CVE-2023-46865.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46865",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-30T01:15:21.967",
"lastModified": "2023-11-08T01:55:56.383",
"vulnStatus": "Analyzed",
"lastModified": "2023-11-29T01:15:07.360",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -69,6 +69,10 @@
}
],
"references": [
{
"url": "https://github.com/asylumdx/Crater-CVE-2023-46865-RCE",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/crater-invoice/crater/issues/1267",
"source": "cve@mitre.org",
@ -85,6 +89,10 @@
"Issue Tracking",
"Patch"
]
},
{
"url": "https://notes.netbytesec.com/2023/11/post-auth-rce-in-crater-invoice.html",
"source": "cve@mitre.org"
}
]
}

64
CVE-2023/CVE-2023-470xx/CVE-2023-47014.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47014",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-22T18:15:08.840",
"lastModified": "2023-11-22T19:00:49.717",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-29T02:29:03.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,67 @@
"value": "Una vulnerabilidad de Cross-Site Request Forgery (CSRF) en Sourcecodester Sticky Notes App que utiliza PHP con c\u00f3digo fuente v.1.0 permite a un atacante local obtener informaci\u00f3n confidencial a trav\u00e9s de un payload manipulado en add-note.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:remyandrade:sticky_notes_app:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A761D294-F1B2-4BB1-BA12-1D230E8F4177"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/emirhanerdogu/CVE-2023-47014-Sticky-Notes-App-Using-PHP-with-Source-Code-v1.0-CSRF-to-CORS/blob/main/README.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-473xx/CVE-2023-47350.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2023-47350",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-22T16:15:09.580",
"lastModified": "2023-11-22T17:31:59.573",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-29T02:25:35.663",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "SwiftyEdit Content Management System prior to v1.2.0 is vulnerable to Cross Site Request Forgery (CSRF)."
},
{
"lang": "es",
"value": "SwiftyEdit Content Management System anterior a la versi\u00f3n 1.2.0 es vulnerable a la Cross-Site Request Forgery (CSRF)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:swiftyedit:swiftyedit:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2.0",
"matchCriteriaId": "0EDED9A2-C760-4FC3-8D64-CF2ACD8EC95A"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/SwiftyEdit/SwiftyEdit/commit/90a6f3df16cd1578b2827d7b2e073451f7ce4e47",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
}
]
}

71
CVE-2023/CVE-2023-476xx/CVE-2023-47643.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-47643",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-11-21T20:15:07.270",
"lastModified": "2023-11-21T20:31:33.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-29T02:36:10.290",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "SuiteCRM is a Customer Relationship Management (CRM) software application. Prior to version 8.4.2, Graphql Introspection is enabled without authentication, exposing the scheme defining all object types, arguments, and functions. An attacker can obtain the GraphQL schema and understand the entire attack surface of the API, including sensitive fields such as UserHash. This issue is patched in version 8.4.2. There are no known workarounds."
},
{
"lang": "es",
"value": "SuiteCRM es una aplicaci\u00f3n de software Customer Relationship Management (CRM). Antes de la versi\u00f3n 8.4.2, Graphql Introspection estaba habilitado sin autenticaci\u00f3n, lo que expon\u00eda el esquema que define todos los tipos de objetos, argumentos y funciones. Un atacante puede obtener el esquema GraphQL y comprender toda la superficie de ataque de la API, incluidos campos confidenciales como UserHash. Este problema se solucion\u00f3 en la versi\u00f3n 8.4.2. No se conocen workarounds."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +80,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:salesagility:suitecrm:8.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9F70103A-8630-4F14-867F-9278AB1602ED"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/salesagility/SuiteCRM-Core/commit/117dd8172793a239f71c91222606bf00677eeb33",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/salesagility/SuiteCRM-Core/security/advisories/GHSA-fxww-jqfv-9rrr",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
},
{
"url": "https://www.apollographql.com/blog/graphql/security/why-you-should-disable-graphql-introspection-in-production/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Technical Description"
]
}
]
}

47
CVE-2023/CVE-2023-477xx/CVE-2023-47759.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47759",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-22T20:15:09.023",
"lastModified": "2023-11-24T15:24:57.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-29T02:30:03.937",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:premio:chaty:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.1.3",
"matchCriteriaId": "AC961DA8-F41A-4903-A8A8-2BE30A5FFF0D"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/chaty/wordpress-chaty-plugin-3-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-477xx/CVE-2023-47781.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-47781",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-22T19:15:08.773",
"lastModified": "2023-11-22T19:46:41.130",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-29T02:29:15.833",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Thrive Themes Thrive Theme Builder <=\u00a03.24.2 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Thrive Themes Thrive Theme Builder en versiones &lt;= 3.24.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:thrivethemes:thrive_themes_builder:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.24.2",
"matchCriteriaId": "89D0ABEA-C305-4460-81C3-6FAC4E327EFC"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/thrive-theme/wordpress-thrive-theme-builder-theme-3-20-1-cross-site-request-forgery-csrf-to-account-takeover-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-477xx/CVE-2023-47792.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-47792",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-22T19:15:09.397",
"lastModified": "2023-11-22T19:46:41.130",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-29T02:29:26.833",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Infinite Uploads Big File Uploads \u2013 Increase Maximum File Upload Size plugin <=\u00a02.1.1 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Infinite Uploads Big File Uploads \u2013 Increase Maximum File Upload Size en versiones &lt;= 2.1.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:infiniteuploads:big_file_uploads:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.1.2",
"matchCriteriaId": "3B60A6BB-709F-4F3E-AC3A-C9589142C645"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/tuxedo-big-file-uploads/wordpress-big-file-uploads-plugin-2-1-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-478xx/CVE-2023-47819.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-47819",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-22T19:15:09.600",
"lastModified": "2023-11-22T19:46:41.130",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-29T02:29:33.000",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Dang Ngoc Binh Easy Call Now by ThikShare plugin <=\u00a01.1.0 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Dang Ngoc Binh Easy Call Now by ThikShare en versiones &lt;= 1.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dangngocbinh:easy_call_now_by_thikshare:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1.0",
"matchCriteriaId": "8E1747F3-BFDB-40AC-B78B-3D739ABECE7C"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/easy-call-now/wordpress-easy-call-now-by-thikshare-plugin-1-1-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-478xx/CVE-2023-47824.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47824",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-22T20:15:09.210",
"lastModified": "2023-11-24T15:24:57.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-29T02:30:13.810",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpwax:legal_pages:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.9",
"matchCriteriaId": "656AD268-CF24-4CE5-B61C-A569D02D57D9"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/legal-pages/wordpress-legal-pages-plugin-1-3-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-478xx/CVE-2023-47825.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47825",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-22T20:15:09.390",
"lastModified": "2023-11-24T15:24:57.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-29T02:30:21.970",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpvnteam:wp_extra:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "6.5",
"matchCriteriaId": "5D2780A1-09DC-40B8-98AC-89E70264F68B"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-extra/wordpress-wp-extra-plugin-6-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

82
CVE-2023/CVE-2023-482xx/CVE-2023-48226.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48226",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-11-21T20:15:07.543",
"lastModified": "2023-11-21T20:31:33.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-29T02:35:48.987",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "OpenReplay is a self-hosted session replay suite. In version 1.14.0, due to lack of validation Name field - Account Settings (for registration looks like validation is correct), a bad actor can send emails with HTML injected code to the victims. Bad actors can use this to phishing actions for example. Email is really send from OpenReplay, but bad actors can add there HTML code injected (content spoofing). Please notice that during Registration steps for FullName looks like is validated correct - can not type there, but using this kind of bypass/workaround - bad actors can achieve own goal. As of time of publication, no known fixes or workarounds are available."
},
{
"lang": "es",
"value": "OpenReplay es una suite de reproducci\u00f3n de sesiones autohospedada. En la versi\u00f3n 1.14.0, debido a la falta de validaci\u00f3n del campo Nombre - Configuraci\u00f3n de la Cuenta (para el registro parece que la validaci\u00f3n es correcta), un mal actor puede enviar correos electr\u00f3nicos con c\u00f3digo HTML inyectado a las v\u00edctimas. Los malos actores pueden utilizar esto para acciones de phishing, por ejemplo. El correo electr\u00f3nico en realidad se env\u00eda desde OpenReplay, pero los malos actores pueden agregar all\u00ed c\u00f3digo HTML inyectado (suplantaci\u00f3n de contenido). Tenga en cuenta que durante los pasos de registro, el nombre completo parece estar validado correctamente; no se puede escribir all\u00ed, pero al usar este tipo de omisi\u00f3n/workaround, los malos actores pueden lograr su propio objetivo. En el momento de la publicaci\u00f3n, no hay soluciones conocidas ni workarounds disponibles."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,26 +84,60 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openreplay:openreplay:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.15.0",
"matchCriteriaId": "1F237899-546F-4B3B-B7FA-6569D6239747"
}
]
}
]
}
],
"references": [
{
"url": "https://bugcrowd.com/vulnerability-rating-taxonomy",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://capec.mitre.org/data/definitions/242.html",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Technical Description"
]
},
{
"url": "https://cwe.mitre.org/data/definitions/20.html",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Technical Description"
]
},
{
"url": "https://github.com/openreplay/openreplay/blob/main/api/chalicelib/utils/html/invitation.html#L421",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/openreplay/openreplay/security/advisories/GHSA-xpfv-454c-3fj4",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

104
CVE-2023/CVE-2023-482xx/CVE-2023-48228.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48228",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-11-21T21:15:08.477",
"lastModified": "2023-11-22T03:36:44.963",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-29T02:35:26.887",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "authentik is an open-source identity provider. When initialising a oauth2 flow with a `code_challenge` and `code_method` (thus requesting PKCE), the single sign-on provider (authentik) must check if there is a matching and existing `code_verifier` during the token step. Prior to versions 2023.10.4 and 2023.8.5, authentik checks if the contents of `code_verifier` is matching only when it is provided. When it is left out completely, authentik simply accepts the token request with out it; even when the flow was started with a `code_challenge`. authentik 2023.8.5 and 2023.10.4 fix this issue."
},
{
"lang": "es",
"value": "authentik es un proveedor de identidad de c\u00f3digo abierto. Al inicializar un flujo oauth2 con un `code_challenge` y un `code_method` (solicitando as\u00ed PKCE), el proveedor de inicio de sesi\u00f3n \u00fanico (authentik) debe verificar si hay un `code_verifier` coincidente y existente durante el paso del token. Antes de las versiones 2023.10.4 y 2023.8.5, authentik verifica si el contenido de `code_verifier` coincide solo cuando se proporciona. Cuando se omite por completo, authentik simplemente acepta la solicitud del token sin \u00e9l; incluso cuando el flujo se inici\u00f3 con un \"code_challenge\". authentik 2023.8.5 y 2023.10.4 solucionan este problema."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,46 +70,102 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:goauthentik:authentik:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2023.8.5",
"matchCriteriaId": "EDAD4E86-B0E7-4863-B8B4-D3B85DF1F9B3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:goauthentik:authentik:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023.10.0",
"versionEndExcluding": "2023.10.4",
"matchCriteriaId": "94DFCEE9-DE60-4890-8F11-D2EFDB0565D5"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/goauthentik/authentik/blob/dd4e9030b4e667d3720be2feda24c08972602274/authentik/providers/oauth2/views/token.py#L225",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/goauthentik/authentik/commit/3af77ab3821fe9c7df8055ba5eade3d1ecea03a6",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/goauthentik/authentik/commit/6b9afed21f7c39f171a4a445654cfe415bba37d5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/goauthentik/authentik/commit/b88e39411c12e3f9e04125a7887f12354f760a14",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/goauthentik/authentik/pull/7666",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/goauthentik/authentik/pull/7668",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/goauthentik/authentik/pull/7669",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/goauthentik/authentik/releases/tag/version%2F2023.10.4",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/goauthentik/authentik/releases/tag/version%2F2023.8.5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/goauthentik/authentik/security/advisories/GHSA-fm34-v8xq-f2c3",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

77
CVE-2023/CVE-2023-482xx/CVE-2023-48230.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48230",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-11-21T21:15:08.683",
"lastModified": "2023-11-22T03:36:44.963",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-29T02:35:10.457",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be caused by a remote peer. The underrun always writes a constant value that is not attacker-controlled, likely resulting in a crash, enabling a remote denial-of-service attack. Most Cap'n Proto and KJ users are unlikely to have this functionality enabled and so unlikely to be affected. Maintainers suspect only the Cloudflare Workers Runtime is affected.\n\nIf KJ HTTP is used with WebSocket compression enabled, a malicious peer may be able to cause a buffer underrun on a heap-allocated buffer. KJ HTTP is an optional library bundled with Cap'n Proto, but is not directly used by Cap'n Proto. WebSocket compression is disabled by default. It must be enabled via a setting passed to the KJ HTTP library via `HttpClientSettings` or `HttpServerSettings`. The bytes written out-of-bounds are always a specific constant 4-byte string `{ 0x00, 0x00, 0xFF, 0xFF }`. Because this string is not controlled by the attacker, maintainers believe it is unlikely that remote code execution is possible. However, it cannot be ruled out. This functionality first appeared in Cap'n Proto 1.0. Previous versions are not affected.\n\nThis issue is fixed in Cap'n Proto 1.0.1.1."
},
{
"lang": "es",
"value": "Cap'n Proto es un formato de intercambio de datos y un sistema RPC basado en capacidades. En las versiones 1.0 y 1.0.1, cuando se utiliza la librer\u00eda HTTP KJ con la compresi\u00f3n WebSocket habilitada, un par remoto puede provocar una insuficiencia de datos del b\u00fafer. La insuficiencia de datos siempre escribe un valor constante que no est\u00e1 controlado por el atacante, lo que probablemente provoca un bloqueo y permite un ataque remoto de denegaci\u00f3n de servicio. Es poco probable que la mayor\u00eda de los usuarios de Cap'n Proto y KJ tengan habilitada esta funcionalidad y, por lo tanto, es poco probable que se vean afectados. Los mantenedores sospechan que Cloudflare Workers Runtime se ve afectado. Si se utiliza KJ HTTP con la compresi\u00f3n WebSocket habilitada, un par malintencionado puede provocar una insuficiencia de datos en un b\u00fafer asignado en heap. KJ HTTP es una librer\u00eda opcional incluida con Cap'n Proto, pero Cap'n Proto no la utiliza directamente. La compresi\u00f3n WebSocket est\u00e1 deshabilitada de forma predeterminada. Debe habilitarse mediante una configuraci\u00f3n pasada a la librer\u00eda HTTP KJ mediante `HttpClientSettings` o `HttpServerSettings`. Los bytes escritos fuera de los l\u00edmites son siempre una cadena constante espec\u00edfica de 4 bytes `{ 0x00, 0x00, 0xFF, 0xFF }`. Debido a que el atacante no controla esta cadena, los mantenedores creen que es poco probable que sea posible la ejecuci\u00f3n remota de c\u00f3digo. Sin embargo, no se puede descartar. Esta funcionalidad apareci\u00f3 por primera vez en Cap'n Proto 1.0. Las versiones anteriores no se ven afectadas. Este problema se solucion\u00f3 en Cap'n Proto 1.0.1.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +80,51 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:capnproto:capnproto:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA487D0-FD4A-4967-A786-E193A410B278"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:capnproto:capnproto:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CBABE2-2DD5-4576-B461-3D18E52DC2B2"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/capnproto/capnproto/commit/75c5c1499aa6e7690b741204ff9af91cce526c59",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/capnproto/capnproto/commit/e7f22da9c01286a2b0e1e5fbdf3ec9ab3aa128ff",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/capnproto/capnproto/security/advisories/GHSA-r89h-f468-62w3",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
]
}
]
}

142
CVE-2023/CVE-2023-482xx/CVE-2023-48239.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48239",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-11-21T21:15:08.880",
"lastModified": "2023-11-22T03:36:44.963",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-29T02:32:23.183",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.13, 26.0.8, and 27.1.3 of Nextcloud Server and starting in version 20.0.0 and prior to versions 20.0.14.16, 21.0.9.13, 22.2.10.15, 23.0.12.12, 24.0.12.8, 25.0.13, 26.0.8, and 27.1.3 of Nextcloud Enterprise Server, a malicious user could update any personal or global external storage, making them inaccessible for everyone else as well. Nextcloud Server 25.0.13, 26.0.8, and 27.1.3 and Nextcloud Enterprise Server is upgraded to 20.0.14.16, 21.0.9.13, 22.2.10.15, 23.0.12.12, 24.0.12.8, 25.0.13, 26.0.8, and 27.1.3 contain a patch for this issue. As a workaround, disable app files_external. This workaround also makes the external storage inaccessible but retains the configurations until a patched version has been deployed."
},
{
"lang": "es",
"value": "Nextcloud Server proporciona almacenamiento de datos para Nextcloud, una plataforma en la nube de c\u00f3digo abierto. A partir de la versi\u00f3n 25.0.0 y anteriores a las versiones 25.0.13, 26.0.8 y 27.1.3 de Nextcloud Server y a partir de la versi\u00f3n 20.0.0 y anteriores a las versiones 20.0.14.16, 21.0.9.13, 22.2.10.15, 23.0. 12.12, 24.0.12.8, 25.0.13, 26.0.8 y 27.1.3 de Nextcloud Enterprise Server, un usuario malintencionado podr\u00eda actualizar cualquier almacenamiento externo personal o global, haci\u00e9ndolo inaccesible para todos los dem\u00e1s tambi\u00e9n. Nextcloud Server 25.0.13, 26.0.8 y 27.1.3 y Nextcloud Enterprise Server se actualizan a 20.0.14.16, 21.0.9.13, 22.2.10.15, 23.0.12.12, 24.0.12.8, 25.0.13, 26.0.8 y 27.1.3 contiene un parche para este problema. Como workaround, deshabilite la aplicaci\u00f3n files_external. Este workaround tambi\u00e9n hace que el almacenamiento externo sea inaccesible, pero conserva las configuraciones hasta que se implemente una versi\u00f3n parcheada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +80,116 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "20.0.0",
"versionEndExcluding": "20.0.14.16",
"matchCriteriaId": "53E6089A-43CF-4BA9-8E71-66AD372F97B8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "21.0.0",
"versionEndExcluding": "21.0.9.13",
"matchCriteriaId": "14CB262E-1288-40F8-ACC3-2F2E507B4362"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "22.0.0",
"versionEndExcluding": "22.2.10.15",
"matchCriteriaId": "AD202AE1-C1D0-470E-82F4-305403CA9165"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "23.0.0",
"versionEndExcluding": "23.0.12.12",
"matchCriteriaId": "68F9F9CF-1C49-48BF-91BC-0B909EE16EBA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "24.0.0",
"versionEndExcluding": "24.0.12.8",
"matchCriteriaId": "AE7711B7-3AD8-4DD5-8D15-A082BF5789DB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:-:*:*:*",
"versionStartIncluding": "25.0.0",
"versionEndExcluding": "25.0.13",
"matchCriteriaId": "29861543-C0E0-4AE0-AB80-D355F7C87BC0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "25.0.0",
"versionEndExcluding": "25.0.13",
"matchCriteriaId": "022E939C-D0FF-4B15-B196-2E31648A6D7F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:-:*:*:*",
"versionStartIncluding": "26.0.0",
"versionEndExcluding": "26.0.8",
"matchCriteriaId": "11421EAE-68EA-4372-8AC0-F5A1E40A9351"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "26.0.0",
"versionEndExcluding": "26.0.8",
"matchCriteriaId": "73E25AF9-5CCD-45F9-AAB0-AFEF607B0F32"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:-:*:*:*",
"versionStartIncluding": "27.0.0",
"versionEndExcluding": "27.1.3",
"matchCriteriaId": "DBD45C73-377F-4B88-BE87-1BBD9236CAEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "27.0.0",
"versionEndExcluding": "27.1.3",
"matchCriteriaId": "0584A036-2006-4032-85CA-673B4547F7EA"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-f962-hw26-g267",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/nextcloud/server/pull/41123",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://hackerone.com/reports/2212627",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit"
]
}
]
}

68
CVE-2023/CVE-2023-482xx/CVE-2023-48299.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48299",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-11-21T21:15:09.077",
"lastModified": "2023-11-22T03:36:44.963",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-29T02:31:52.117",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "TorchServe is a tool for serving and scaling PyTorch models in production. Starting in version 0.1.0 and prior to version 0.9.0, using the model/workflow management API, there is a chance of uploading potentially harmful archives that contain files that are extracted to any location on the filesystem that is within the process permissions. Leveraging this issue could aid third-party actors in hiding harmful code in open-source/public models, which can be downloaded from the internet, and take advantage of machines running Torchserve. The ZipSlip issue in TorchServe has been fixed by validating the paths of files contained within a zip archive before extracting them. TorchServe release 0.9.0 includes fixes to address the ZipSlip vulnerability."
},
{
"lang": "es",
"value": "TorchServe es una herramienta para servir y escalar modelos de PyTorch en producci\u00f3n. A partir de la versi\u00f3n 0.1.0 y antes de la versi\u00f3n 0.9.0, al utilizar la API de administraci\u00f3n de modelo/flujo de trabajo, existe la posibilidad de cargar archivos potencialmente da\u00f1inos que contengan archivos extra\u00eddos a cualquier ubicaci\u00f3n del sistema de archivos que est\u00e9 dentro de los permisos del proceso. Aprovechar este problema podr\u00eda ayudar a terceros a ocultar c\u00f3digo da\u00f1ino en modelos p\u00fablicos/de c\u00f3digo abierto, que se pueden descargar de Internet, y aprovechar las m\u00e1quinas que ejecutan Torchserve. El problema de Zipslip en TorchServe se solucion\u00f3 validando las rutas de los archivos contenidos en un archivo zip antes de extraerlos. La versi\u00f3n 0.9.0 de TorchServe incluye correcciones para abordar la vulnerabilidad Zipslip."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,22 +70,54 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pytorch:torchserve:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.1.0",
"versionEndExcluding": "0.9.0",
"matchCriteriaId": "F958D5AE-E57F-4C08-A946-D75B9857CD1B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/pytorch/serve/commit/bfb3d42396727614aef625143b4381e64142f9bb",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/pytorch/serve/pull/2634",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/pytorch/serve/releases/tag/v0.9.0",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/pytorch/serve/security/advisories/GHSA-m2mj-pr4f-h9jp",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

90
CVE-2023/CVE-2023-487xx/CVE-2023-48705.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48705",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-11-22T16:15:09.627",
"lastModified": "2023-11-22T17:31:59.573",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-29T02:25:23.870",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Nautobot is a Network Source of Truth and Network Automation Platform built as a web application All users of Nautobot versions earlier than 1.6.6 or 2.0.5 are potentially affected by a cross-site scripting vulnerability. Due to incorrect usage of Django's `mark_safe()` API when rendering certain types of user-authored content; including custom links, job buttons, and computed fields; it is possible that users with permission to create or edit these types of content could craft a malicious payload (such as JavaScript code) that would be executed when rendering pages containing this content. The maintainers have fixed the incorrect uses of `mark_safe()` (generally by replacing them with appropriate use of `format_html()` instead) to prevent such malicious data from being executed. Users on Nautobot 1.6.x LTM should upgrade to v1.6.6 and users on Nautobot 2.0.x should upgrade to v2.0.5. Appropriate object permissions can and should be applied to restrict which users are permitted to create or edit the aforementioned types of user-authored content. Other than that, there is no direct workaround available."
},
{
"lang": "es",
"value": "Nautobot es una plataforma de automatizaci\u00f3n de red y fuente de verdad de red creada como una aplicaci\u00f3n web. Todos los usuarios de versiones de Nautobot anteriores a 1.6.6 o 2.0.5 se ven potencialmente afectados por una vulnerabilidad de cross-site scripting. Debido al uso incorrecto de la API `mark_safe()` de Django al representar ciertos tipos de contenido escrito por el usuario; incluidos enlaces personalizados, botones de trabajo y campos calculados; Es posible que los usuarios con permiso para crear o editar este tipo de contenido puedan crear un payload malicioso (como c\u00f3digo JavaScript) que se ejecutar\u00eda al representar p\u00e1ginas que contengan este contenido. Los mantenedores han solucionado los usos incorrectos de `mark_safe()` (generalmente reemplaz\u00e1ndolos con el uso apropiado de `format_html()`) para evitar que se ejecuten dichos datos maliciosos. Los usuarios de Nautobot 1.6.x LTM deben actualizar a v1.6.6 y los usuarios de Nautobot 2.0.x deben actualizar a v2.0.5. Se pueden y se deben aplicar permisos de objetos apropiados para restringir qu\u00e9 usuarios pueden crear o editar los tipos de contenido escritos por el usuario antes mencionados. Aparte de eso, no existe ning\u00fan workaround directo disponible."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,34 +70,82 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:networktocode:nautobot:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.6.6",
"matchCriteriaId": "BB340A94-5C6A-45D2-B2DA-641084D4B9E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:networktocode:nautobot:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.0.5",
"matchCriteriaId": "AEA9BE2A-BB72-4EFE-A376-B91223E0F6F0"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.djangoproject.com/en/3.2/ref/utils/#django.utils.html.format_html",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Technical Description"
]
},
{
"url": "https://docs.djangoproject.com/en/3.2/ref/utils/#django.utils.safestring.mark_safe",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Technical Description"
]
},
{
"url": "https://github.com/nautobot/nautobot/commit/362850f5a94689a4c75e3188bf6de826c3b012b2",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/nautobot/nautobot/commit/54abe23331b6c3d0d82bf1b028c679b1d200920d",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/nautobot/nautobot/pull/4832",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://github.com/nautobot/nautobot/pull/4833",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://github.com/nautobot/nautobot/security/advisories/GHSA-cf9f-wmhp-v4pr",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-52xx/CVE-2023-5234.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-5234",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-11-22T16:15:10.773",
"lastModified": "2023-11-22T17:31:59.573",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-29T02:25:14.437",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Related Products for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'woo-related' shortcode in versions up to, and including, 3.3.15 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Related Products for WooCommerce para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de un c\u00f3digo corto 'relacionado con Woo' en versiones hasta la 3.3.15 incluida debido a una sanitizaci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados con permisos de nivel de colaborador y superiores inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -34,18 +58,57 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:peachpay:related_products_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.3.15",
"matchCriteriaId": "2313A14B-20E9-45AE-95BD-E3359FBA2663"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/woo-related-products-refresh-on-reload/tags/3.3.15/woo-related-products.php#L303",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2988185/woo-related-products-refresh-on-reload",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a98498b8-9397-42e9-9c99-a576975c9ac9?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

81
CVE-2023/CVE-2023-62xx/CVE-2023-6238.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-6238",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-11-21T21:15:09.273",
"lastModified": "2023-11-22T03:36:44.963",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-29T02:31:23.327",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability was found in the NVM Express (NVMe) driver in the Linux kernel. An unprivileged user could specify a small meta buffer and let the device perform larger Direct Memory Access (DMA) into the same buffer, overwriting unrelated kernel memory, causing random kernel crashes and memory corruption."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de desbordamiento del b\u00fafer en el controlador NVM Express (NVMe) en el kernel de Linux. Un usuario sin privilegios podr\u00eda especificar un metab\u00fafer peque\u00f1o y permitir que el dispositivo realice un Direct Memory Access (DMA) m\u00e1s grande en el mismo b\u00fafer, sobrescribiendo la memoria del kernel no relacionada, provocando fallas aleatorias del kernel y corrupci\u00f3n de la memoria."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -46,14 +80,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-6238",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250834",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

60
CVE-2023/CVE-2023-62xx/CVE-2023-6252.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-6252",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-11-22T14:15:10.520",
"lastModified": "2023-11-22T15:12:25.450",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-29T02:26:07.880",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Path traversal vulnerability in Chalemelon Power framework, affecting the getImage parameter. This vulnerability could allow a remote user to read files located on the server and gain access to sensitive information such as configuration files."
},
{
"lang": "es",
"value": "Vulnerabilidad de path traversal en el framework de Chalemelon Power, que afecta el par\u00e1metro getImage. Esta vulnerabilidad podr\u00eda permitir que un usuario remoto lea archivos ubicados en el servidor y obtenga acceso a informaci\u00f3n confidencial, como archivos de configuraci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -46,10 +80,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hyphensolutions:chameleon_power:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6253E1-4E20-42BA-9C78-F0C07A866ACA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/path-traversal-vulnerability-chameleon-power-products",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Technical Description"
]
}
]
}

43
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-11-29T00:55:18.227353+00:00
2023-11-29T03:00:20.030738+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-11-29T00:15:07.243000+00:00
2023-11-29T02:37:33.630000+00:00
```
### Last Data Feed Release
@ -23,28 +23,53 @@ Repository synchronizes with the NVD every 2 hours.
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
```plain
2023-11-28T01:00:13.532978+00:00
2023-11-29T01:00:13.561418+00:00
```
### Total Number of included CVEs
```plain
231660
231663
```
### CVEs added in the last Commit
Recently added CVEs: `0`
Recently added CVEs: `3`
* [CVE-2023-23324](CVE-2023/CVE-2023-233xx/CVE-2023-23324.json) (`2023-11-29T01:15:07.127`)
* [CVE-2023-23325](CVE-2023/CVE-2023-233xx/CVE-2023-23325.json) (`2023-11-29T01:15:07.187`)
* [CVE-2023-24294](CVE-2023/CVE-2023-242xx/CVE-2023-24294.json) (`2023-11-29T01:15:07.237`)
### CVEs modified in the last Commit
Recently modified CVEs: `3`
Recently modified CVEs: `28`
* [CVE-2023-3812](CVE-2023/CVE-2023-38xx/CVE-2023-3812.json) (`2023-11-29T00:15:06.933`)
* [CVE-2023-42753](CVE-2023/CVE-2023-427xx/CVE-2023-42753.json) (`2023-11-29T00:15:07.073`)
* [CVE-2023-5178](CVE-2023/CVE-2023-51xx/CVE-2023-5178.json) (`2023-11-29T00:15:07.243`)
* [CVE-2023-48705](CVE-2023/CVE-2023-487xx/CVE-2023-48705.json) (`2023-11-29T02:25:23.870`)
* [CVE-2023-47350](CVE-2023/CVE-2023-473xx/CVE-2023-47350.json) (`2023-11-29T02:25:35.663`)
* [CVE-2023-2889](CVE-2023/CVE-2023-28xx/CVE-2023-2889.json) (`2023-11-29T02:25:43.980`)
* [CVE-2023-6252](CVE-2023/CVE-2023-62xx/CVE-2023-6252.json) (`2023-11-29T02:26:07.880`)
* [CVE-2023-47014](CVE-2023/CVE-2023-470xx/CVE-2023-47014.json) (`2023-11-29T02:29:03.067`)
* [CVE-2023-47781](CVE-2023/CVE-2023-477xx/CVE-2023-47781.json) (`2023-11-29T02:29:15.833`)
* [CVE-2023-47792](CVE-2023/CVE-2023-477xx/CVE-2023-47792.json) (`2023-11-29T02:29:26.833`)
* [CVE-2023-47819](CVE-2023/CVE-2023-478xx/CVE-2023-47819.json) (`2023-11-29T02:29:33.000`)
* [CVE-2023-30496](CVE-2023/CVE-2023-304xx/CVE-2023-30496.json) (`2023-11-29T02:29:39.327`)
* [CVE-2023-47759](CVE-2023/CVE-2023-477xx/CVE-2023-47759.json) (`2023-11-29T02:30:03.937`)
* [CVE-2023-47824](CVE-2023/CVE-2023-478xx/CVE-2023-47824.json) (`2023-11-29T02:30:13.810`)
* [CVE-2023-47825](CVE-2023/CVE-2023-478xx/CVE-2023-47825.json) (`2023-11-29T02:30:21.970`)
* [CVE-2023-6238](CVE-2023/CVE-2023-62xx/CVE-2023-6238.json) (`2023-11-29T02:31:23.327`)
* [CVE-2023-48299](CVE-2023/CVE-2023-482xx/CVE-2023-48299.json) (`2023-11-29T02:31:52.117`)
* [CVE-2023-48239](CVE-2023/CVE-2023-482xx/CVE-2023-48239.json) (`2023-11-29T02:32:23.183`)
* [CVE-2023-48230](CVE-2023/CVE-2023-482xx/CVE-2023-48230.json) (`2023-11-29T02:35:10.457`)
* [CVE-2023-48228](CVE-2023/CVE-2023-482xx/CVE-2023-48228.json) (`2023-11-29T02:35:26.887`)
* [CVE-2023-48226](CVE-2023/CVE-2023-482xx/CVE-2023-48226.json) (`2023-11-29T02:35:48.987`)
* [CVE-2023-47643](CVE-2023/CVE-2023-476xx/CVE-2023-47643.json) (`2023-11-29T02:36:10.290`)
* [CVE-2023-22521](CVE-2023/CVE-2023-225xx/CVE-2023-22521.json) (`2023-11-29T02:36:19.223`)
* [CVE-2023-22516](CVE-2023/CVE-2023-225xx/CVE-2023-22516.json) (`2023-11-29T02:36:29.390`)
* [CVE-2023-20274](CVE-2023/CVE-2023-202xx/CVE-2023-20274.json) (`2023-11-29T02:36:46.983`)
* [CVE-2023-20272](CVE-2023/CVE-2023-202xx/CVE-2023-20272.json) (`2023-11-29T02:36:57.387`)
* [CVE-2023-20265](CVE-2023/CVE-2023-202xx/CVE-2023-20265.json) (`2023-11-29T02:37:14.087`)
* [CVE-2023-20208](CVE-2023/CVE-2023-202xx/CVE-2023-20208.json) (`2023-11-29T02:37:33.630`)
## Download and Usage