mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-11 16:13:34 +00:00
Auto-Update: 2023-06-22T02:00:28.536874+00:00
This commit is contained in:
parent
3022bdc287
commit
e362d714dc
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-1049",
|
||||
"sourceIdentifier": "cybersecurity@se.com",
|
||||
"published": "2023-06-14T08:15:08.773",
|
||||
"lastModified": "2023-06-14T12:54:19.587",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2023-06-22T00:57:14.267",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -12,6 +12,26 @@
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "LOCAL",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 7.8,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 1.8,
|
||||
"impactScore": 5.9
|
||||
},
|
||||
{
|
||||
"source": "cybersecurity@se.com",
|
||||
"type": "Secondary",
|
||||
@ -36,7 +56,7 @@
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cybersecurity@se.com",
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
@ -44,12 +64,69 @@
|
||||
"value": "CWE-94"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"source": "cybersecurity@se.com",
|
||||
"type": "Secondary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-94"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:schneider-electric:ecostruxure_operator_terminal_expert:*:*:*:*:*:*:*:*",
|
||||
"versionEndExcluding": "3.3",
|
||||
"matchCriteriaId": "5705916B-E189-4314-AD32-C8D42991DFA2"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:schneider-electric:ecostruxure_operator_terminal_expert:3.3:-:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A6EAEC62-F689-43A2-8EDB-68867661ED92"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:schneider-electric:ecostruxure_operator_terminal_expert:3.3:sp1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "17F5EDCD-B9E6-40D7-88FC-C2685384C5B4"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:schneider-electric:pro-face_blue:*:*:*:*:*:*:*:*",
|
||||
"versionEndExcluding": "3.3",
|
||||
"matchCriteriaId": "297C4149-AA1F-4033-BD74-0FB908783399"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:schneider-electric:pro-face_blue:3.3:-:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "FB229476-7E0C-46ED-817D-C9A72250CC5D"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:schneider-electric:pro-face_blue:3.3:sp1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "78D3C9DF-3354-47E0-881F-4B59CE22BCF7"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-01.pdf",
|
||||
"source": "cybersecurity@se.com"
|
||||
"source": "cybersecurity@se.com",
|
||||
"tags": [
|
||||
"Vendor Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,7 +2,7 @@
|
||||
"id": "CVE-2023-26427",
|
||||
"sourceIdentifier": "security@open-xchange.com",
|
||||
"published": "2023-06-20T08:15:09.073",
|
||||
"lastModified": "2023-06-20T13:03:08.293",
|
||||
"lastModified": "2023-06-22T00:15:46.907",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
@ -47,6 +47,10 @@
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "http://seclists.org/fulldisclosure/2023/Jun/8",
|
||||
"source": "security@open-xchange.com"
|
||||
},
|
||||
{
|
||||
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
|
||||
"source": "security@open-xchange.com"
|
||||
|
@ -2,7 +2,7 @@
|
||||
"id": "CVE-2023-26428",
|
||||
"sourceIdentifier": "security@open-xchange.com",
|
||||
"published": "2023-06-20T08:15:09.163",
|
||||
"lastModified": "2023-06-20T13:03:08.293",
|
||||
"lastModified": "2023-06-22T00:15:47.120",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
@ -47,6 +47,10 @@
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "http://seclists.org/fulldisclosure/2023/Jun/8",
|
||||
"source": "security@open-xchange.com"
|
||||
},
|
||||
{
|
||||
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
|
||||
"source": "security@open-xchange.com"
|
||||
|
@ -2,7 +2,7 @@
|
||||
"id": "CVE-2023-26429",
|
||||
"sourceIdentifier": "security@open-xchange.com",
|
||||
"published": "2023-06-20T08:15:09.230",
|
||||
"lastModified": "2023-06-20T13:03:08.293",
|
||||
"lastModified": "2023-06-22T00:15:47.190",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
@ -47,6 +47,10 @@
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "http://seclists.org/fulldisclosure/2023/Jun/8",
|
||||
"source": "security@open-xchange.com"
|
||||
},
|
||||
{
|
||||
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
|
||||
"source": "security@open-xchange.com"
|
||||
|
@ -2,7 +2,7 @@
|
||||
"id": "CVE-2023-26431",
|
||||
"sourceIdentifier": "security@open-xchange.com",
|
||||
"published": "2023-06-20T08:15:09.297",
|
||||
"lastModified": "2023-06-20T13:03:08.293",
|
||||
"lastModified": "2023-06-22T00:15:47.260",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
@ -47,6 +47,10 @@
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "http://seclists.org/fulldisclosure/2023/Jun/8",
|
||||
"source": "security@open-xchange.com"
|
||||
},
|
||||
{
|
||||
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
|
||||
"source": "security@open-xchange.com"
|
||||
|
@ -2,7 +2,7 @@
|
||||
"id": "CVE-2023-26432",
|
||||
"sourceIdentifier": "security@open-xchange.com",
|
||||
"published": "2023-06-20T08:15:09.360",
|
||||
"lastModified": "2023-06-20T13:03:08.293",
|
||||
"lastModified": "2023-06-22T00:15:47.337",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
@ -47,6 +47,10 @@
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "http://seclists.org/fulldisclosure/2023/Jun/8",
|
||||
"source": "security@open-xchange.com"
|
||||
},
|
||||
{
|
||||
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
|
||||
"source": "security@open-xchange.com"
|
||||
|
@ -2,7 +2,7 @@
|
||||
"id": "CVE-2023-26433",
|
||||
"sourceIdentifier": "security@open-xchange.com",
|
||||
"published": "2023-06-20T08:15:09.427",
|
||||
"lastModified": "2023-06-20T13:03:08.293",
|
||||
"lastModified": "2023-06-22T00:15:47.413",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
@ -47,6 +47,10 @@
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "http://seclists.org/fulldisclosure/2023/Jun/8",
|
||||
"source": "security@open-xchange.com"
|
||||
},
|
||||
{
|
||||
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
|
||||
"source": "security@open-xchange.com"
|
||||
|
@ -2,7 +2,7 @@
|
||||
"id": "CVE-2023-26434",
|
||||
"sourceIdentifier": "security@open-xchange.com",
|
||||
"published": "2023-06-20T08:15:09.487",
|
||||
"lastModified": "2023-06-20T13:03:08.293",
|
||||
"lastModified": "2023-06-22T00:15:47.480",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
@ -47,6 +47,10 @@
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "http://seclists.org/fulldisclosure/2023/Jun/8",
|
||||
"source": "security@open-xchange.com"
|
||||
},
|
||||
{
|
||||
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
|
||||
"source": "security@open-xchange.com"
|
||||
|
@ -2,7 +2,7 @@
|
||||
"id": "CVE-2023-26435",
|
||||
"sourceIdentifier": "security@open-xchange.com",
|
||||
"published": "2023-06-20T08:15:09.547",
|
||||
"lastModified": "2023-06-20T13:03:08.293",
|
||||
"lastModified": "2023-06-22T00:15:47.550",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
@ -47,6 +47,10 @@
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "http://seclists.org/fulldisclosure/2023/Jun/8",
|
||||
"source": "security@open-xchange.com"
|
||||
},
|
||||
{
|
||||
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
|
||||
"source": "security@open-xchange.com"
|
||||
|
@ -2,7 +2,7 @@
|
||||
"id": "CVE-2023-26436",
|
||||
"sourceIdentifier": "security@open-xchange.com",
|
||||
"published": "2023-06-20T08:15:09.607",
|
||||
"lastModified": "2023-06-20T13:03:08.293",
|
||||
"lastModified": "2023-06-22T00:15:47.627",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
@ -47,6 +47,10 @@
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "http://seclists.org/fulldisclosure/2023/Jun/8",
|
||||
"source": "security@open-xchange.com"
|
||||
},
|
||||
{
|
||||
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
|
||||
"source": "security@open-xchange.com"
|
||||
|
@ -2,23 +2,291 @@
|
||||
"id": "CVE-2023-31196",
|
||||
"sourceIdentifier": "vultures@jpcert.or.jp",
|
||||
"published": "2023-06-13T10:15:10.450",
|
||||
"lastModified": "2023-06-13T13:00:37.647",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2023-06-22T00:39:39.483",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Missing authentication for critical function in Wi-Fi AP UNIT allows a remote unauthenticated attacker to obtain sensitive information of the affected products. Affected products and versions are as follows: AC-PD-WAPU v1.05_B04 and earlier, AC-PD-WAPUM v1.05_B04 and earlier, AC-PD-WAPU-P v1.05_B04P and earlier, AC-PD-WAPUM-P v1.05_B04P and earlier, AC-WAPU-300 v1.00_B07 and earlier, AC-WAPUM-300 v1.00_B07 and earlier, AC-WAPU-300-P v1.00_B07 and earlier, and AC-WAPUM-300-P v1.00_B07 and earlier"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 7.5,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 3.6
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-306"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:inaba:ac-pd-wapu_firmware:*:*:*:*:*:*:*:*",
|
||||
"versionEndIncluding": "1.05_b04",
|
||||
"matchCriteriaId": "1EBA3293-0B06-49DA-98B0-6DBE377C33D3"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:inaba:ac-pd-wapu:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "0DD102C1-A095-40AE-8463-A75679CE4F38"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:inaba:ac-pd-wapum_firmware:*:*:*:*:*:*:*:*",
|
||||
"versionEndIncluding": "1.05_b04",
|
||||
"matchCriteriaId": "A895D9FC-2A3C-4988-802B-8669E18AF4F5"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:inaba:ac-pd-wapum:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "DB9F8A92-34B5-4EB3-80A7-9A1835E6143A"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:inaba:ac-pd-wapu-p_firmware:*:*:*:*:*:*:*:*",
|
||||
"versionEndIncluding": "1.05_b04p",
|
||||
"matchCriteriaId": "22AE9D59-9EE0-4286-99FD-87F8BEB5660E"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:inaba:ac-pd-wapu-p:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "2E5CF9E1-B26F-430B-930A-43BF6A29F75B"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:inaba:ac-pd-wapum-p_firmware:*:*:*:*:*:*:*:*",
|
||||
"versionEndIncluding": "1.05_b04p",
|
||||
"matchCriteriaId": "654D0464-B759-4D32-8DDD-81F59331C291"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:inaba:ac-pd-wapum-p:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "ADD85E35-1962-4B63-951D-AC6B35F240B7"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:inaba:ac-wapu-300_firmware:*:*:*:*:*:*:*:*",
|
||||
"versionEndIncluding": "1.00_b07",
|
||||
"matchCriteriaId": "68C8C3E3-E6C2-4CBE-B5ED-EC030060E692"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:inaba:ac-wapu-300:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "383369D2-D9D1-44F6-8323-712805103579"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:inaba:ac-wapum-300_firmware:*:*:*:*:*:*:*:*",
|
||||
"versionEndIncluding": "1.00_b07",
|
||||
"matchCriteriaId": "AA85541E-423A-4029-A5AF-AAA01A021DBD"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:inaba:ac-wapum-300:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "305906A3-AAA3-4CAD-A72D-B46838BA255F"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:inaba:ac-wapum-300-p_firmware:*:*:*:*:*:*:*:*",
|
||||
"versionEndIncluding": "1.00_b07",
|
||||
"matchCriteriaId": "93F275F4-6102-4A82-A617-41CB6E711FA1"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:inaba:ac-wapum-300-p:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "C1B508D0-8D80-4308-ABC0-77A2F20359AF"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:inaba:ac-wapu-300-p_firmware:*:*:*:*:*:*:*:*",
|
||||
"versionEndIncluding": "1.00_b07",
|
||||
"matchCriteriaId": "33A9129B-ACDB-4FFD-AD0F-6E6D53A8E254"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:inaba:ac-wapu-300-p:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "962D58E3-E4AE-46B6-9788-156C6AD995EC"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://jvn.jp/en/jp/JVN28412757/",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
"source": "vultures@jpcert.or.jp",
|
||||
"tags": [
|
||||
"Mitigation",
|
||||
"Third Party Advisory"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://www.inaba.co.jp/abaniact/news/Wi-Fi_AP_UNIT%E3%81%AB%E3%81%8A%E3%81%91%E3%82%8B%E8%A4%87%E6%95%B0%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6.pdf",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
"source": "vultures@jpcert.or.jp",
|
||||
"tags": [
|
||||
"Vendor Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,23 +2,291 @@
|
||||
"id": "CVE-2023-31198",
|
||||
"sourceIdentifier": "vultures@jpcert.or.jp",
|
||||
"published": "2023-06-13T10:15:10.493",
|
||||
"lastModified": "2023-06-13T13:00:37.647",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2023-06-22T00:46:57.240",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "OS command injection vulnerability exists in Wi-Fi AP UNIT allows. If this vulnerability is exploited, a remote authenticated attacker with an administrative privilege to execute an arbitrary OS command. Affected products and versions are as follows: AC-PD-WAPU v1.05_B04 and earlier, AC-PD-WAPUM v1.05_B04 and earlier, AC-PD-WAPU-P v1.05_B04P and earlier, AC-PD-WAPUM-P v1.05_B04P and earlier, AC-WAPU-300 v1.00_B07 and earlier, AC-WAPUM-300 v1.00_B07 and earlier, AC-WAPU-300-P v1.00_B07 and earlier, and AC-WAPUM-300-P v1.00_B07 and earlier"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "HIGH",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 7.2,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 1.2,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-78"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:inaba:ac-pd-wapu_firmware:*:*:*:*:*:*:*:*",
|
||||
"versionEndIncluding": "1.05_b04",
|
||||
"matchCriteriaId": "1EBA3293-0B06-49DA-98B0-6DBE377C33D3"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:inaba:ac-pd-wapu:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "0DD102C1-A095-40AE-8463-A75679CE4F38"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:inaba:ac-pd-wapum_firmware:*:*:*:*:*:*:*:*",
|
||||
"versionEndIncluding": "1.05_b04",
|
||||
"matchCriteriaId": "A895D9FC-2A3C-4988-802B-8669E18AF4F5"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:inaba:ac-pd-wapum:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "DB9F8A92-34B5-4EB3-80A7-9A1835E6143A"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:inaba:ac-pd-wapu-p_firmware:*:*:*:*:*:*:*:*",
|
||||
"versionEndIncluding": "1.05_b04p",
|
||||
"matchCriteriaId": "22AE9D59-9EE0-4286-99FD-87F8BEB5660E"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:inaba:ac-pd-wapu-p:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "2E5CF9E1-B26F-430B-930A-43BF6A29F75B"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:inaba:ac-pd-wapum-p_firmware:*:*:*:*:*:*:*:*",
|
||||
"versionEndIncluding": "1.05_b04p",
|
||||
"matchCriteriaId": "654D0464-B759-4D32-8DDD-81F59331C291"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:inaba:ac-pd-wapum-p:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "ADD85E35-1962-4B63-951D-AC6B35F240B7"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:inaba:ac-wapu-300_firmware:*:*:*:*:*:*:*:*",
|
||||
"versionEndIncluding": "1.00_b07",
|
||||
"matchCriteriaId": "68C8C3E3-E6C2-4CBE-B5ED-EC030060E692"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:inaba:ac-wapu-300:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "383369D2-D9D1-44F6-8323-712805103579"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:inaba:ac-wapum-300_firmware:*:*:*:*:*:*:*:*",
|
||||
"versionEndIncluding": "1.00_b07",
|
||||
"matchCriteriaId": "AA85541E-423A-4029-A5AF-AAA01A021DBD"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:inaba:ac-wapum-300:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "305906A3-AAA3-4CAD-A72D-B46838BA255F"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:inaba:ac-wapum-300-p_firmware:*:*:*:*:*:*:*:*",
|
||||
"versionEndIncluding": "1.00_b07",
|
||||
"matchCriteriaId": "93F275F4-6102-4A82-A617-41CB6E711FA1"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:inaba:ac-wapum-300-p:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "C1B508D0-8D80-4308-ABC0-77A2F20359AF"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:inaba:ac-wapu-300-p_firmware:*:*:*:*:*:*:*:*",
|
||||
"versionEndIncluding": "1.00_b07",
|
||||
"matchCriteriaId": "33A9129B-ACDB-4FFD-AD0F-6E6D53A8E254"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:inaba:ac-wapu-300-p:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "962D58E3-E4AE-46B6-9788-156C6AD995EC"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://jvn.jp/en/jp/JVN28412757/",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
"source": "vultures@jpcert.or.jp",
|
||||
"tags": [
|
||||
"Mitigation",
|
||||
"Third Party Advisory"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://www.inaba.co.jp/abaniact/news/Wi-Fi_AP_UNIT%E3%81%AB%E3%81%8A%E3%81%91%E3%82%8B%E8%A4%87%E6%95%B0%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6.pdf",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
"source": "vultures@jpcert.or.jp",
|
||||
"tags": [
|
||||
"Vendor Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,7 +2,7 @@
|
||||
"id": "CVE-2023-31975",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2023-05-09T13:15:18.590",
|
||||
"lastModified": "2023-06-21T21:15:11.250",
|
||||
"lastModified": "2023-06-22T00:15:47.717",
|
||||
"vulnStatus": "Modified",
|
||||
"descriptions": [
|
||||
{
|
||||
@ -72,6 +72,10 @@
|
||||
"url": "http://www.openwall.com/lists/oss-security/2023/06/21/10",
|
||||
"source": "cve@mitre.org"
|
||||
},
|
||||
{
|
||||
"url": "http://www.openwall.com/lists/oss-security/2023/06/21/13",
|
||||
"source": "cve@mitre.org"
|
||||
},
|
||||
{
|
||||
"url": "http://www.openwall.com/lists/oss-security/2023/06/21/2",
|
||||
"source": "cve@mitre.org"
|
||||
|
@ -2,16 +2,49 @@
|
||||
"id": "CVE-2023-3161",
|
||||
"sourceIdentifier": "secalert@redhat.com",
|
||||
"published": "2023-06-12T20:15:12.910",
|
||||
"lastModified": "2023-06-13T13:00:53.777",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2023-06-22T00:17:17.553",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and possible denial of service."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
||||
"attackVector": "LOCAL",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 5.5,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 1.8,
|
||||
"impactScore": 3.6
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-682"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"source": "secalert@redhat.com",
|
||||
"type": "Secondary",
|
||||
@ -23,14 +56,105 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
|
||||
"versionEndExcluding": "6.2",
|
||||
"matchCriteriaId": "108695B6-7133-4B6C-80AF-0F66880FE858"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "FF501633-2F44-4913-A8EE-B021929F49F6"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "2BDA597B-CAC1-4DF0-86F0-42E142C654E9"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "725C78C9-12CE-406F-ABE8-0813A01D66E8"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A127C155-689C-4F67-B146-44A57F4BFD85"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "D34127CC-68F5-4703-A5F6-5006F803E4AE"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc6:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "4AB8D555-648E-4F2F-98BD-3E7F45BD12A8"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213485",
|
||||
"source": "secalert@redhat.com"
|
||||
"source": "secalert@redhat.com",
|
||||
"tags": [
|
||||
"Issue Tracking",
|
||||
"Patch",
|
||||
"Third Party Advisory"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/torvalds/linux/commit/2b09d5d364986f724f17001ccfe4126b9b43a0be",
|
||||
"source": "secalert@redhat.com"
|
||||
"source": "secalert@redhat.com",
|
||||
"tags": [
|
||||
"Patch"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-33122",
|
||||
"sourceIdentifier": "productcert@siemens.com",
|
||||
"published": "2023-06-13T09:15:18.380",
|
||||
"lastModified": "2023-06-21T20:32:43.770",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"lastModified": "2023-06-22T00:05:51.170",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -92,8 +92,9 @@
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
|
||||
"versionStartIncluding": "13.2.0",
|
||||
"versionEndExcluding": "13.2.0.13",
|
||||
"matchCriteriaId": "29CAB414-2971-4974-9F19-1809F33B9715"
|
||||
"matchCriteriaId": "FC06105E-8D31-4AFD-88C6-2E58D01CFFE8"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
|
@ -2,7 +2,7 @@
|
||||
"id": "CVE-2023-33476",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2023-06-02T14:15:09.437",
|
||||
"lastModified": "2023-06-21T22:15:09.430",
|
||||
"lastModified": "2023-06-22T00:15:47.853",
|
||||
"vulnStatus": "Modified",
|
||||
"descriptions": [
|
||||
{
|
||||
@ -91,6 +91,10 @@
|
||||
"tags": [
|
||||
"Product"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://www.debian.org/security/2023/dsa-5434",
|
||||
"source": "cve@mitre.org"
|
||||
}
|
||||
]
|
||||
}
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-34237",
|
||||
"sourceIdentifier": "security-advisories@github.com",
|
||||
"published": "2023-06-07T20:15:10.097",
|
||||
"lastModified": "2023-06-07T20:24:12.193",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2023-06-22T00:05:35.827",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -12,6 +12,26 @@
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 9.8,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 5.9
|
||||
},
|
||||
{
|
||||
"source": "security-advisories@github.com",
|
||||
"type": "Secondary",
|
||||
@ -36,8 +56,18 @@
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "security-advisories@github.com",
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "NVD-CWE-noinfo"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"source": "security-advisories@github.com",
|
||||
"type": "Secondary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -46,22 +76,53 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:sabnzbd:sabnzbd:*:*:*:*:*:*:*:*",
|
||||
"versionStartIncluding": "1.1.0",
|
||||
"versionEndExcluding": "4.0.2",
|
||||
"matchCriteriaId": "0793A3BA-34F2-4029-8CF1-CDAB4F72F1B5"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://github.com/sabnzbd/sabnzbd/commit/422b4fce7bfd56e95a315be0400cdfdc585df7cc",
|
||||
"source": "security-advisories@github.com"
|
||||
"source": "security-advisories@github.com",
|
||||
"tags": [
|
||||
"Patch"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/sabnzbd/sabnzbd/commit/e3a722664819d1c7c8fab97144cc299b1c18b429",
|
||||
"source": "security-advisories@github.com"
|
||||
"source": "security-advisories@github.com",
|
||||
"tags": [
|
||||
"Patch"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/sabnzbd/sabnzbd/security/advisories/GHSA-hhgh-xgh3-985r",
|
||||
"source": "security-advisories@github.com"
|
||||
"source": "security-advisories@github.com",
|
||||
"tags": [
|
||||
"Vendor Advisory"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://sabnzbd.org/wiki/configuration/4.0/general",
|
||||
"source": "security-advisories@github.com"
|
||||
"source": "security-advisories@github.com",
|
||||
"tags": [
|
||||
"Vendor Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-34238",
|
||||
"sourceIdentifier": "security-advisories@github.com",
|
||||
"published": "2023-06-08T00:15:09.907",
|
||||
"lastModified": "2023-06-08T02:44:28.663",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2023-06-22T00:11:42.943",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -12,6 +12,26 @@
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 5.3,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 1.4
|
||||
},
|
||||
{
|
||||
"source": "security-advisories@github.com",
|
||||
"type": "Secondary",
|
||||
@ -36,8 +56,18 @@
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "security-advisories@github.com",
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "NVD-CWE-noinfo"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"source": "security-advisories@github.com",
|
||||
"type": "Secondary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -46,18 +76,54 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:gatsbyjs:gatsby:*:*:*:*:*:node.js:*:*",
|
||||
"versionEndExcluding": "4.25.7",
|
||||
"matchCriteriaId": "1440439C-1B43-4FD0-827C-494618E603FE"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:gatsbyjs:gatsby:*:*:*:*:*:node.js:*:*",
|
||||
"versionStartIncluding": "5.0.0",
|
||||
"versionEndExcluding": "5.9.1",
|
||||
"matchCriteriaId": "5884BD00-9554-40D4-9191-11FD8B156579"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://github.com/gatsbyjs/gatsby/commit/ae5a654eb346b2e7a9d341b809b2f82d34c0f17c",
|
||||
"source": "security-advisories@github.com"
|
||||
"source": "security-advisories@github.com",
|
||||
"tags": [
|
||||
"Patch"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/gatsbyjs/gatsby/commit/fc22f4ba3ad7ca5fb3592f38f4f0ca8ae60b4bf7",
|
||||
"source": "security-advisories@github.com"
|
||||
"source": "security-advisories@github.com",
|
||||
"tags": [
|
||||
"Patch"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/gatsbyjs/gatsby/security/advisories/GHSA-c6f8-8r25-c4gc",
|
||||
"source": "security-advisories@github.com"
|
||||
"source": "security-advisories@github.com",
|
||||
"tags": [
|
||||
"Exploit",
|
||||
"Mitigation",
|
||||
"Vendor Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,19 +2,87 @@
|
||||
"id": "CVE-2023-34940",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2023-06-12T20:15:12.723",
|
||||
"lastModified": "2023-06-13T13:01:10.377",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2023-06-22T00:25:59.467",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "** UNSUPPORTED WHEN ASSIGNED ** Asus RT-N10LX Router v2.0.0.39 was discovered to contain a stack overflow via the url parameter at /start-apply.html. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 7.5,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 3.6
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-787"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:asus:rt-n10lx_firmware:2.0.0.39:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "F5EC1456-4577-4859-BD0F-92730E14A953"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:asus:rt-n10lx:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "2D86D41E-35A2-4713-BDFE-5577586D0DE1"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://github.com/OlivierLaflamme/cve/blob/main/ASUS-N10LX_2.0.0.39/URLFilterList_Stack_BOF.md",
|
||||
"source": "cve@mitre.org"
|
||||
"source": "cve@mitre.org",
|
||||
"tags": [
|
||||
"Exploit",
|
||||
"Third Party Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
28
README.md
28
README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
|
||||
### Last Repository Update
|
||||
|
||||
```plain
|
||||
2023-06-21T23:55:26.618815+00:00
|
||||
2023-06-22T02:00:28.536874+00:00
|
||||
```
|
||||
|
||||
### Most recent CVE Modification Timestamp synchronized with NVD
|
||||
|
||||
```plain
|
||||
2023-06-21T22:15:09.430000+00:00
|
||||
2023-06-22T00:57:14.267000+00:00
|
||||
```
|
||||
|
||||
### Last Data Feed Release
|
||||
@ -23,7 +23,7 @@ Repository synchronizes with the NVD every 2 hours.
|
||||
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
|
||||
|
||||
```plain
|
||||
2023-06-21T00:00:13.655453+00:00
|
||||
2023-06-22T00:00:13.547547+00:00
|
||||
```
|
||||
|
||||
### Total Number of included CVEs
|
||||
@ -40,9 +40,27 @@ Recently added CVEs: `0`
|
||||
|
||||
### CVEs modified in the last Commit
|
||||
|
||||
Recently modified CVEs: `1`
|
||||
Recently modified CVEs: `19`
|
||||
|
||||
* [CVE-2023-33476](CVE-2023/CVE-2023-334xx/CVE-2023-33476.json) (`2023-06-21T22:15:09.430`)
|
||||
* [CVE-2023-34237](CVE-2023/CVE-2023-342xx/CVE-2023-34237.json) (`2023-06-22T00:05:35.827`)
|
||||
* [CVE-2023-33122](CVE-2023/CVE-2023-331xx/CVE-2023-33122.json) (`2023-06-22T00:05:51.170`)
|
||||
* [CVE-2023-34238](CVE-2023/CVE-2023-342xx/CVE-2023-34238.json) (`2023-06-22T00:11:42.943`)
|
||||
* [CVE-2023-26427](CVE-2023/CVE-2023-264xx/CVE-2023-26427.json) (`2023-06-22T00:15:46.907`)
|
||||
* [CVE-2023-26428](CVE-2023/CVE-2023-264xx/CVE-2023-26428.json) (`2023-06-22T00:15:47.120`)
|
||||
* [CVE-2023-26429](CVE-2023/CVE-2023-264xx/CVE-2023-26429.json) (`2023-06-22T00:15:47.190`)
|
||||
* [CVE-2023-26431](CVE-2023/CVE-2023-264xx/CVE-2023-26431.json) (`2023-06-22T00:15:47.260`)
|
||||
* [CVE-2023-26432](CVE-2023/CVE-2023-264xx/CVE-2023-26432.json) (`2023-06-22T00:15:47.337`)
|
||||
* [CVE-2023-26433](CVE-2023/CVE-2023-264xx/CVE-2023-26433.json) (`2023-06-22T00:15:47.413`)
|
||||
* [CVE-2023-26434](CVE-2023/CVE-2023-264xx/CVE-2023-26434.json) (`2023-06-22T00:15:47.480`)
|
||||
* [CVE-2023-26435](CVE-2023/CVE-2023-264xx/CVE-2023-26435.json) (`2023-06-22T00:15:47.550`)
|
||||
* [CVE-2023-26436](CVE-2023/CVE-2023-264xx/CVE-2023-26436.json) (`2023-06-22T00:15:47.627`)
|
||||
* [CVE-2023-31975](CVE-2023/CVE-2023-319xx/CVE-2023-31975.json) (`2023-06-22T00:15:47.717`)
|
||||
* [CVE-2023-33476](CVE-2023/CVE-2023-334xx/CVE-2023-33476.json) (`2023-06-22T00:15:47.853`)
|
||||
* [CVE-2023-3161](CVE-2023/CVE-2023-31xx/CVE-2023-3161.json) (`2023-06-22T00:17:17.553`)
|
||||
* [CVE-2023-34940](CVE-2023/CVE-2023-349xx/CVE-2023-34940.json) (`2023-06-22T00:25:59.467`)
|
||||
* [CVE-2023-31196](CVE-2023/CVE-2023-311xx/CVE-2023-31196.json) (`2023-06-22T00:39:39.483`)
|
||||
* [CVE-2023-31198](CVE-2023/CVE-2023-311xx/CVE-2023-31198.json) (`2023-06-22T00:46:57.240`)
|
||||
* [CVE-2023-1049](CVE-2023/CVE-2023-10xx/CVE-2023-1049.json) (`2023-06-22T00:57:14.267`)
|
||||
|
||||
|
||||
## Download and Usage
|
||||
|
Loading…
x
Reference in New Issue
Block a user