Auto-Update: 2023-06-22T02:00:28.536874+00:00

This commit is contained in:
cad-safe-bot 2023-06-22 02:00:32 +00:00
parent 3022bdc287
commit e362d714dc
20 changed files with 1050 additions and 55 deletions

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1049",
"sourceIdentifier": "cybersecurity@se.com",
"published": "2023-06-14T08:15:08.773",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-22T00:57:14.267",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "cybersecurity@se.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "cybersecurity@se.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,12 +64,69 @@
"value": "CWE-94"
}
]
},
{
"source": "cybersecurity@se.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:schneider-electric:ecostruxure_operator_terminal_expert:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3",
"matchCriteriaId": "5705916B-E189-4314-AD32-C8D42991DFA2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:schneider-electric:ecostruxure_operator_terminal_expert:3.3:-:*:*:*:*:*:*",
"matchCriteriaId": "A6EAEC62-F689-43A2-8EDB-68867661ED92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:schneider-electric:ecostruxure_operator_terminal_expert:3.3:sp1:*:*:*:*:*:*",
"matchCriteriaId": "17F5EDCD-B9E6-40D7-88FC-C2685384C5B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:schneider-electric:pro-face_blue:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3",
"matchCriteriaId": "297C4149-AA1F-4033-BD74-0FB908783399"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:schneider-electric:pro-face_blue:3.3:-:*:*:*:*:*:*",
"matchCriteriaId": "FB229476-7E0C-46ED-817D-C9A72250CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:schneider-electric:pro-face_blue:3.3:sp1:*:*:*:*:*:*",
"matchCriteriaId": "78D3C9DF-3354-47E0-881F-4B59CE22BCF7"
}
]
}
]
}
],
"references": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-01.pdf",
"source": "cybersecurity@se.com"
"source": "cybersecurity@se.com",
"tags": [
"Vendor Advisory"
]
}
]
}

View File

@ -2,7 +2,7 @@
"id": "CVE-2023-26427",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-06-20T08:15:09.073",
"lastModified": "2023-06-20T13:03:08.293",
"lastModified": "2023-06-22T00:15:46.907",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -47,6 +47,10 @@
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Jun/8",
"source": "security@open-xchange.com"
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com"

View File

@ -2,7 +2,7 @@
"id": "CVE-2023-26428",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-06-20T08:15:09.163",
"lastModified": "2023-06-20T13:03:08.293",
"lastModified": "2023-06-22T00:15:47.120",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -47,6 +47,10 @@
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Jun/8",
"source": "security@open-xchange.com"
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com"

View File

@ -2,7 +2,7 @@
"id": "CVE-2023-26429",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-06-20T08:15:09.230",
"lastModified": "2023-06-20T13:03:08.293",
"lastModified": "2023-06-22T00:15:47.190",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -47,6 +47,10 @@
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Jun/8",
"source": "security@open-xchange.com"
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com"

View File

@ -2,7 +2,7 @@
"id": "CVE-2023-26431",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-06-20T08:15:09.297",
"lastModified": "2023-06-20T13:03:08.293",
"lastModified": "2023-06-22T00:15:47.260",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -47,6 +47,10 @@
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Jun/8",
"source": "security@open-xchange.com"
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com"

View File

@ -2,7 +2,7 @@
"id": "CVE-2023-26432",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-06-20T08:15:09.360",
"lastModified": "2023-06-20T13:03:08.293",
"lastModified": "2023-06-22T00:15:47.337",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -47,6 +47,10 @@
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Jun/8",
"source": "security@open-xchange.com"
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com"

View File

@ -2,7 +2,7 @@
"id": "CVE-2023-26433",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-06-20T08:15:09.427",
"lastModified": "2023-06-20T13:03:08.293",
"lastModified": "2023-06-22T00:15:47.413",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -47,6 +47,10 @@
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Jun/8",
"source": "security@open-xchange.com"
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com"

View File

@ -2,7 +2,7 @@
"id": "CVE-2023-26434",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-06-20T08:15:09.487",
"lastModified": "2023-06-20T13:03:08.293",
"lastModified": "2023-06-22T00:15:47.480",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -47,6 +47,10 @@
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Jun/8",
"source": "security@open-xchange.com"
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com"

View File

@ -2,7 +2,7 @@
"id": "CVE-2023-26435",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-06-20T08:15:09.547",
"lastModified": "2023-06-20T13:03:08.293",
"lastModified": "2023-06-22T00:15:47.550",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -47,6 +47,10 @@
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Jun/8",
"source": "security@open-xchange.com"
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com"

View File

@ -2,7 +2,7 @@
"id": "CVE-2023-26436",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-06-20T08:15:09.607",
"lastModified": "2023-06-20T13:03:08.293",
"lastModified": "2023-06-22T00:15:47.627",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -47,6 +47,10 @@
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Jun/8",
"source": "security@open-xchange.com"
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com"

View File

@ -2,23 +2,291 @@
"id": "CVE-2023-31196",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-06-13T10:15:10.450",
"lastModified": "2023-06-13T13:00:37.647",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-22T00:39:39.483",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Missing authentication for critical function in Wi-Fi AP UNIT allows a remote unauthenticated attacker to obtain sensitive information of the affected products. Affected products and versions are as follows: AC-PD-WAPU v1.05_B04 and earlier, AC-PD-WAPUM v1.05_B04 and earlier, AC-PD-WAPU-P v1.05_B04P and earlier, AC-PD-WAPUM-P v1.05_B04P and earlier, AC-WAPU-300 v1.00_B07 and earlier, AC-WAPUM-300 v1.00_B07 and earlier, AC-WAPU-300-P v1.00_B07 and earlier, and AC-WAPUM-300-P v1.00_B07 and earlier"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:inaba:ac-pd-wapu_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.05_b04",
"matchCriteriaId": "1EBA3293-0B06-49DA-98B0-6DBE377C33D3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:inaba:ac-pd-wapu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0DD102C1-A095-40AE-8463-A75679CE4F38"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:inaba:ac-pd-wapum_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.05_b04",
"matchCriteriaId": "A895D9FC-2A3C-4988-802B-8669E18AF4F5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:inaba:ac-pd-wapum:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9F8A92-34B5-4EB3-80A7-9A1835E6143A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:inaba:ac-pd-wapu-p_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.05_b04p",
"matchCriteriaId": "22AE9D59-9EE0-4286-99FD-87F8BEB5660E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:inaba:ac-pd-wapu-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E5CF9E1-B26F-430B-930A-43BF6A29F75B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:inaba:ac-pd-wapum-p_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.05_b04p",
"matchCriteriaId": "654D0464-B759-4D32-8DDD-81F59331C291"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:inaba:ac-pd-wapum-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD85E35-1962-4B63-951D-AC6B35F240B7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:inaba:ac-wapu-300_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.00_b07",
"matchCriteriaId": "68C8C3E3-E6C2-4CBE-B5ED-EC030060E692"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:inaba:ac-wapu-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "383369D2-D9D1-44F6-8323-712805103579"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:inaba:ac-wapum-300_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.00_b07",
"matchCriteriaId": "AA85541E-423A-4029-A5AF-AAA01A021DBD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:inaba:ac-wapum-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305906A3-AAA3-4CAD-A72D-B46838BA255F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:inaba:ac-wapum-300-p_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.00_b07",
"matchCriteriaId": "93F275F4-6102-4A82-A617-41CB6E711FA1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:inaba:ac-wapum-300-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B508D0-8D80-4308-ABC0-77A2F20359AF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:inaba:ac-wapu-300-p_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.00_b07",
"matchCriteriaId": "33A9129B-ACDB-4FFD-AD0F-6E6D53A8E254"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:inaba:ac-wapu-300-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "962D58E3-E4AE-46B6-9788-156C6AD995EC"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/jp/JVN28412757/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Mitigation",
"Third Party Advisory"
]
},
{
"url": "https://www.inaba.co.jp/abaniact/news/Wi-Fi_AP_UNIT%E3%81%AB%E3%81%8A%E3%81%91%E3%82%8B%E8%A4%87%E6%95%B0%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6.pdf",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
}
]
}

View File

@ -2,23 +2,291 @@
"id": "CVE-2023-31198",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-06-13T10:15:10.493",
"lastModified": "2023-06-13T13:00:37.647",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-22T00:46:57.240",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "OS command injection vulnerability exists in Wi-Fi AP UNIT allows. If this vulnerability is exploited, a remote authenticated attacker with an administrative privilege to execute an arbitrary OS command. Affected products and versions are as follows: AC-PD-WAPU v1.05_B04 and earlier, AC-PD-WAPUM v1.05_B04 and earlier, AC-PD-WAPU-P v1.05_B04P and earlier, AC-PD-WAPUM-P v1.05_B04P and earlier, AC-WAPU-300 v1.00_B07 and earlier, AC-WAPUM-300 v1.00_B07 and earlier, AC-WAPU-300-P v1.00_B07 and earlier, and AC-WAPUM-300-P v1.00_B07 and earlier"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:inaba:ac-pd-wapu_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.05_b04",
"matchCriteriaId": "1EBA3293-0B06-49DA-98B0-6DBE377C33D3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:inaba:ac-pd-wapu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0DD102C1-A095-40AE-8463-A75679CE4F38"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:inaba:ac-pd-wapum_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.05_b04",
"matchCriteriaId": "A895D9FC-2A3C-4988-802B-8669E18AF4F5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:inaba:ac-pd-wapum:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9F8A92-34B5-4EB3-80A7-9A1835E6143A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:inaba:ac-pd-wapu-p_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.05_b04p",
"matchCriteriaId": "22AE9D59-9EE0-4286-99FD-87F8BEB5660E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:inaba:ac-pd-wapu-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E5CF9E1-B26F-430B-930A-43BF6A29F75B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:inaba:ac-pd-wapum-p_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.05_b04p",
"matchCriteriaId": "654D0464-B759-4D32-8DDD-81F59331C291"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:inaba:ac-pd-wapum-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD85E35-1962-4B63-951D-AC6B35F240B7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:inaba:ac-wapu-300_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.00_b07",
"matchCriteriaId": "68C8C3E3-E6C2-4CBE-B5ED-EC030060E692"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:inaba:ac-wapu-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "383369D2-D9D1-44F6-8323-712805103579"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:inaba:ac-wapum-300_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.00_b07",
"matchCriteriaId": "AA85541E-423A-4029-A5AF-AAA01A021DBD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:inaba:ac-wapum-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305906A3-AAA3-4CAD-A72D-B46838BA255F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:inaba:ac-wapum-300-p_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.00_b07",
"matchCriteriaId": "93F275F4-6102-4A82-A617-41CB6E711FA1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:inaba:ac-wapum-300-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B508D0-8D80-4308-ABC0-77A2F20359AF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:inaba:ac-wapu-300-p_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.00_b07",
"matchCriteriaId": "33A9129B-ACDB-4FFD-AD0F-6E6D53A8E254"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:inaba:ac-wapu-300-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "962D58E3-E4AE-46B6-9788-156C6AD995EC"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/jp/JVN28412757/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Mitigation",
"Third Party Advisory"
]
},
{
"url": "https://www.inaba.co.jp/abaniact/news/Wi-Fi_AP_UNIT%E3%81%AB%E3%81%8A%E3%81%91%E3%82%8B%E8%A4%87%E6%95%B0%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6.pdf",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
}
]
}

View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31975",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T13:15:18.590",
"lastModified": "2023-06-21T21:15:11.250",
"lastModified": "2023-06-22T00:15:47.717",
"vulnStatus": "Modified",
"descriptions": [
{
@ -72,6 +72,10 @@
"url": "http://www.openwall.com/lists/oss-security/2023/06/21/10",
"source": "cve@mitre.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/21/13",
"source": "cve@mitre.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/21/2",
"source": "cve@mitre.org"

View File

@ -2,16 +2,49 @@
"id": "CVE-2023-3161",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-06-12T20:15:12.910",
"lastModified": "2023-06-13T13:00:53.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-22T00:17:17.553",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and possible denial of service."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-682"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -23,14 +56,105 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.2",
"matchCriteriaId": "108695B6-7133-4B6C-80AF-0F66880FE858"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FF501633-2F44-4913-A8EE-B021929F49F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "2BDA597B-CAC1-4DF0-86F0-42E142C654E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:*",
"matchCriteriaId": "725C78C9-12CE-406F-ABE8-0813A01D66E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc4:*:*:*:*:*:*",
"matchCriteriaId": "A127C155-689C-4F67-B146-44A57F4BFD85"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc5:*:*:*:*:*:*",
"matchCriteriaId": "D34127CC-68F5-4703-A5F6-5006F803E4AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc6:*:*:*:*:*:*",
"matchCriteriaId": "4AB8D555-648E-4F2F-98BD-3E7F45BD12A8"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213485",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/torvalds/linux/commit/2b09d5d364986f724f17001ccfe4126b9b43a0be",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Patch"
]
}
]
}

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33122",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-06-13T09:15:18.380",
"lastModified": "2023-06-21T20:32:43.770",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-06-22T00:05:51.170",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -92,8 +92,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.2.0",
"versionEndExcluding": "13.2.0.13",
"matchCriteriaId": "29CAB414-2971-4974-9F19-1809F33B9715"
"matchCriteriaId": "FC06105E-8D31-4AFD-88C6-2E58D01CFFE8"
},
{
"vulnerable": true,

View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33476",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-02T14:15:09.437",
"lastModified": "2023-06-21T22:15:09.430",
"lastModified": "2023-06-22T00:15:47.853",
"vulnStatus": "Modified",
"descriptions": [
{
@ -91,6 +91,10 @@
"tags": [
"Product"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5434",
"source": "cve@mitre.org"
}
]
}

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34237",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-07T20:15:10.097",
"lastModified": "2023-06-07T20:24:12.193",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-22T00:05:35.827",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,22 +76,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sabnzbd:sabnzbd:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.1.0",
"versionEndExcluding": "4.0.2",
"matchCriteriaId": "0793A3BA-34F2-4029-8CF1-CDAB4F72F1B5"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sabnzbd/sabnzbd/commit/422b4fce7bfd56e95a315be0400cdfdc585df7cc",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/sabnzbd/sabnzbd/commit/e3a722664819d1c7c8fab97144cc299b1c18b429",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/sabnzbd/sabnzbd/security/advisories/GHSA-hhgh-xgh3-985r",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://sabnzbd.org/wiki/configuration/4.0/general",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34238",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-08T00:15:09.907",
"lastModified": "2023-06-08T02:44:28.663",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-22T00:11:42.943",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,18 +76,54 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gatsbyjs:gatsby:*:*:*:*:*:node.js:*:*",
"versionEndExcluding": "4.25.7",
"matchCriteriaId": "1440439C-1B43-4FD0-827C-494618E603FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gatsbyjs:gatsby:*:*:*:*:*:node.js:*:*",
"versionStartIncluding": "5.0.0",
"versionEndExcluding": "5.9.1",
"matchCriteriaId": "5884BD00-9554-40D4-9191-11FD8B156579"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/gatsbyjs/gatsby/commit/ae5a654eb346b2e7a9d341b809b2f82d34c0f17c",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/gatsbyjs/gatsby/commit/fc22f4ba3ad7ca5fb3592f38f4f0ca8ae60b4bf7",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/gatsbyjs/gatsby/security/advisories/GHSA-c6f8-8r25-c4gc",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
]
}
]
}

View File

@ -2,19 +2,87 @@
"id": "CVE-2023-34940",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-12T20:15:12.723",
"lastModified": "2023-06-13T13:01:10.377",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-22T00:25:59.467",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "** UNSUPPORTED WHEN ASSIGNED ** Asus RT-N10LX Router v2.0.0.39 was discovered to contain a stack overflow via the url parameter at /start-apply.html. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:asus:rt-n10lx_firmware:2.0.0.39:*:*:*:*:*:*:*",
"matchCriteriaId": "F5EC1456-4577-4859-BD0F-92730E14A953"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:asus:rt-n10lx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D86D41E-35A2-4713-BDFE-5577586D0DE1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/OlivierLaflamme/cve/blob/main/ASUS-N10LX_2.0.0.39/URLFilterList_Stack_BOF.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-06-21T23:55:26.618815+00:00
2023-06-22T02:00:28.536874+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-06-21T22:15:09.430000+00:00
2023-06-22T00:57:14.267000+00:00
```
### Last Data Feed Release
@ -23,7 +23,7 @@ Repository synchronizes with the NVD every 2 hours.
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
```plain
2023-06-21T00:00:13.655453+00:00
2023-06-22T00:00:13.547547+00:00
```
### Total Number of included CVEs
@ -40,9 +40,27 @@ Recently added CVEs: `0`
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `19`
* [CVE-2023-33476](CVE-2023/CVE-2023-334xx/CVE-2023-33476.json) (`2023-06-21T22:15:09.430`)
* [CVE-2023-34237](CVE-2023/CVE-2023-342xx/CVE-2023-34237.json) (`2023-06-22T00:05:35.827`)
* [CVE-2023-33122](CVE-2023/CVE-2023-331xx/CVE-2023-33122.json) (`2023-06-22T00:05:51.170`)
* [CVE-2023-34238](CVE-2023/CVE-2023-342xx/CVE-2023-34238.json) (`2023-06-22T00:11:42.943`)
* [CVE-2023-26427](CVE-2023/CVE-2023-264xx/CVE-2023-26427.json) (`2023-06-22T00:15:46.907`)
* [CVE-2023-26428](CVE-2023/CVE-2023-264xx/CVE-2023-26428.json) (`2023-06-22T00:15:47.120`)
* [CVE-2023-26429](CVE-2023/CVE-2023-264xx/CVE-2023-26429.json) (`2023-06-22T00:15:47.190`)
* [CVE-2023-26431](CVE-2023/CVE-2023-264xx/CVE-2023-26431.json) (`2023-06-22T00:15:47.260`)
* [CVE-2023-26432](CVE-2023/CVE-2023-264xx/CVE-2023-26432.json) (`2023-06-22T00:15:47.337`)
* [CVE-2023-26433](CVE-2023/CVE-2023-264xx/CVE-2023-26433.json) (`2023-06-22T00:15:47.413`)
* [CVE-2023-26434](CVE-2023/CVE-2023-264xx/CVE-2023-26434.json) (`2023-06-22T00:15:47.480`)
* [CVE-2023-26435](CVE-2023/CVE-2023-264xx/CVE-2023-26435.json) (`2023-06-22T00:15:47.550`)
* [CVE-2023-26436](CVE-2023/CVE-2023-264xx/CVE-2023-26436.json) (`2023-06-22T00:15:47.627`)
* [CVE-2023-31975](CVE-2023/CVE-2023-319xx/CVE-2023-31975.json) (`2023-06-22T00:15:47.717`)
* [CVE-2023-33476](CVE-2023/CVE-2023-334xx/CVE-2023-33476.json) (`2023-06-22T00:15:47.853`)
* [CVE-2023-3161](CVE-2023/CVE-2023-31xx/CVE-2023-3161.json) (`2023-06-22T00:17:17.553`)
* [CVE-2023-34940](CVE-2023/CVE-2023-349xx/CVE-2023-34940.json) (`2023-06-22T00:25:59.467`)
* [CVE-2023-31196](CVE-2023/CVE-2023-311xx/CVE-2023-31196.json) (`2023-06-22T00:39:39.483`)
* [CVE-2023-31198](CVE-2023/CVE-2023-311xx/CVE-2023-31198.json) (`2023-06-22T00:46:57.240`)
* [CVE-2023-1049](CVE-2023/CVE-2023-10xx/CVE-2023-1049.json) (`2023-06-22T00:57:14.267`)
## Download and Usage