mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-09 16:05:11 +00:00
Auto-Update: 2023-09-28T02:00:25.747309+00:00
This commit is contained in:
parent
e586611045
commit
e4aea89a7b
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-23958",
|
||||
"sourceIdentifier": "secure@symantec.com",
|
||||
"published": "2023-09-27T15:18:46.280",
|
||||
"lastModified": "2023-09-27T15:41:20.127",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2023-09-28T01:14:41.083",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -12,6 +12,26 @@
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 6.5,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 3.6
|
||||
},
|
||||
{
|
||||
"source": "secure@symantec.com",
|
||||
"type": "Secondary",
|
||||
@ -35,6 +55,16 @@
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "NVD-CWE-noinfo"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"source": "secure@symantec.com",
|
||||
"type": "Secondary",
|
||||
@ -46,10 +76,32 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
|
||||
"versionEndExcluding": "9.1.0",
|
||||
"matchCriteriaId": "589D3A88-B848-4260-AE09-C83FFF97FFCB"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://support.broadcom.com/external/content/SecurityAdvisories/0/22599",
|
||||
"source": "secure@symantec.com"
|
||||
"source": "secure@symantec.com",
|
||||
"tags": [
|
||||
"Mitigation",
|
||||
"Vendor Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-4088",
|
||||
"sourceIdentifier": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
|
||||
"published": "2023-09-20T03:15:13.687",
|
||||
"lastModified": "2023-09-25T16:28:53.753",
|
||||
"vulnStatus": "Analyzed",
|
||||
"lastModified": "2023-09-28T00:15:09.553",
|
||||
"vulnStatus": "Modified",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -98,6 +98,14 @@
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://jvn.jp/vu/JVNVU96447193/index.html",
|
||||
"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp"
|
||||
},
|
||||
{
|
||||
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-269-03",
|
||||
"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp"
|
||||
},
|
||||
{
|
||||
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-010_en.pdf",
|
||||
"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
|
||||
|
@ -2,23 +2,83 @@
|
||||
"id": "CVE-2023-41962",
|
||||
"sourceIdentifier": "vultures@jpcert.or.jp",
|
||||
"published": "2023-09-27T15:19:31.577",
|
||||
"lastModified": "2023-09-27T15:41:42.647",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2023-09-28T01:06:56.717",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Cross-site scripting vulnerability in Credit Card Payment Setup page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script in the page."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 6.1,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 2.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:collne:welcart_e-commerce:*:*:*:*:*:wordpress:*:*",
|
||||
"versionStartIncluding": "2.7",
|
||||
"versionEndIncluding": "2.8.21",
|
||||
"matchCriteriaId": "3A07E8A8-4F65-42E9-8AFE-B5E4A7D23CCF"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://jvn.jp/en/jp/JVN97197972/",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
"source": "vultures@jpcert.or.jp",
|
||||
"tags": [
|
||||
"Third Party Advisory"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://www.welcart.com/archives/20106.html",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
"source": "vultures@jpcert.or.jp",
|
||||
"tags": [
|
||||
"Release Notes"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,23 +2,83 @@
|
||||
"id": "CVE-2023-43614",
|
||||
"sourceIdentifier": "vultures@jpcert.or.jp",
|
||||
"published": "2023-09-27T15:19:34.280",
|
||||
"lastModified": "2023-09-27T15:41:42.647",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2023-09-28T01:10:50.470",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Cross-site scripting vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 6.1,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 2.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:collne:welcart_e-commerce:*:*:*:*:*:wordpress:*:*",
|
||||
"versionStartIncluding": "2.7",
|
||||
"versionEndIncluding": "2.8.21",
|
||||
"matchCriteriaId": "3A07E8A8-4F65-42E9-8AFE-B5E4A7D23CCF"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://jvn.jp/en/jp/JVN97197972/",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
"source": "vultures@jpcert.or.jp",
|
||||
"tags": [
|
||||
"Third Party Advisory"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://www.welcart.com/archives/20106.html",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
"source": "vultures@jpcert.or.jp",
|
||||
"tags": [
|
||||
"Release Notes"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-44152",
|
||||
"sourceIdentifier": "security@acronis.com",
|
||||
"published": "2023-09-27T15:19:37.493",
|
||||
"lastModified": "2023-09-27T15:41:26.297",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2023-09-28T01:22:12.437",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -11,6 +11,28 @@
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 9.1,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 5.2
|
||||
}
|
||||
],
|
||||
"cvssMetricV30": [
|
||||
{
|
||||
"source": "security@acronis.com",
|
||||
@ -35,6 +57,16 @@
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-287"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"source": "security@acronis.com",
|
||||
"type": "Secondary",
|
||||
@ -46,10 +78,83 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:*:*:*:*:*:*:*:*",
|
||||
"versionEndExcluding": "15",
|
||||
"matchCriteriaId": "547972AF-7F43-4A6D-AFC7-5514DD9995A6"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "89899D10-1343-4276-919A-9C1DF2DB8B55"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A77B2499-B3A4-4278-BA0D-59AB59C60352"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "BAF6A576-C320-4550-B7F8-4FCAE82FB06A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9740A956-D589-4846-8717-B6182EB65F8B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9AB8B19B-2B40-4F1B-AE24-1C43D362E4BC"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "69506F27-DEF8-4317-9E54-D79CA430AD4B"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
|
||||
},
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
|
||||
},
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://security-advisory.acronis.com/advisories/SEC-1908",
|
||||
"source": "security@acronis.com"
|
||||
"source": "security@acronis.com",
|
||||
"tags": [
|
||||
"Vendor Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-44153",
|
||||
"sourceIdentifier": "security@acronis.com",
|
||||
"published": "2023-09-27T15:19:37.570",
|
||||
"lastModified": "2023-09-27T15:41:26.297",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2023-09-28T01:23:03.267",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -11,6 +11,28 @@
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 7.5,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 3.6
|
||||
}
|
||||
],
|
||||
"cvssMetricV30": [
|
||||
{
|
||||
"source": "security@acronis.com",
|
||||
@ -35,6 +57,16 @@
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-312"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"source": "security@acronis.com",
|
||||
"type": "Secondary",
|
||||
@ -46,10 +78,83 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:*:*:*:*:*:*:*:*",
|
||||
"versionEndExcluding": "15",
|
||||
"matchCriteriaId": "547972AF-7F43-4A6D-AFC7-5514DD9995A6"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "89899D10-1343-4276-919A-9C1DF2DB8B55"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A77B2499-B3A4-4278-BA0D-59AB59C60352"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "BAF6A576-C320-4550-B7F8-4FCAE82FB06A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9740A956-D589-4846-8717-B6182EB65F8B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9AB8B19B-2B40-4F1B-AE24-1C43D362E4BC"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "69506F27-DEF8-4317-9E54-D79CA430AD4B"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
|
||||
},
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
|
||||
},
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://security-advisory.acronis.com/advisories/SEC-1994",
|
||||
"source": "security@acronis.com"
|
||||
"source": "security@acronis.com",
|
||||
"tags": [
|
||||
"Vendor Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-44154",
|
||||
"sourceIdentifier": "security@acronis.com",
|
||||
"published": "2023-09-27T15:19:37.650",
|
||||
"lastModified": "2023-09-27T15:41:26.297",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2023-09-28T01:27:19.867",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -11,6 +11,28 @@
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 9.1,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 5.2
|
||||
}
|
||||
],
|
||||
"cvssMetricV30": [
|
||||
{
|
||||
"source": "security@acronis.com",
|
||||
@ -35,6 +57,16 @@
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-863"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"source": "security@acronis.com",
|
||||
"type": "Secondary",
|
||||
@ -46,10 +78,78 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:*:*:*:*:*:*:*:*",
|
||||
"versionEndExcluding": "15",
|
||||
"matchCriteriaId": "547972AF-7F43-4A6D-AFC7-5514DD9995A6"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "89899D10-1343-4276-919A-9C1DF2DB8B55"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A77B2499-B3A4-4278-BA0D-59AB59C60352"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "BAF6A576-C320-4550-B7F8-4FCAE82FB06A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9740A956-D589-4846-8717-B6182EB65F8B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9AB8B19B-2B40-4F1B-AE24-1C43D362E4BC"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "69506F27-DEF8-4317-9E54-D79CA430AD4B"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
|
||||
},
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://security-advisory.acronis.com/advisories/SEC-2436",
|
||||
"source": "security@acronis.com"
|
||||
"source": "security@acronis.com",
|
||||
"tags": [
|
||||
"Vendor Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-44155",
|
||||
"sourceIdentifier": "security@acronis.com",
|
||||
"published": "2023-09-27T15:19:37.730",
|
||||
"lastModified": "2023-09-27T15:41:26.297",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2023-09-28T01:28:18.913",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -11,6 +11,28 @@
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 7.5,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 3.6
|
||||
}
|
||||
],
|
||||
"cvssMetricV30": [
|
||||
{
|
||||
"source": "security@acronis.com",
|
||||
@ -35,6 +57,16 @@
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-532"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"source": "security@acronis.com",
|
||||
"type": "Secondary",
|
||||
@ -46,10 +78,78 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:*:*:*:*:*:*:*:*",
|
||||
"versionEndExcluding": "15",
|
||||
"matchCriteriaId": "547972AF-7F43-4A6D-AFC7-5514DD9995A6"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "89899D10-1343-4276-919A-9C1DF2DB8B55"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A77B2499-B3A4-4278-BA0D-59AB59C60352"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "BAF6A576-C320-4550-B7F8-4FCAE82FB06A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9740A956-D589-4846-8717-B6182EB65F8B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9AB8B19B-2B40-4F1B-AE24-1C43D362E4BC"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "69506F27-DEF8-4317-9E54-D79CA430AD4B"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
|
||||
},
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://security-advisory.acronis.com/advisories/SEC-3471",
|
||||
"source": "security@acronis.com"
|
||||
"source": "security@acronis.com",
|
||||
"tags": [
|
||||
"Vendor Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-44156",
|
||||
"sourceIdentifier": "security@acronis.com",
|
||||
"published": "2023-09-27T15:19:37.817",
|
||||
"lastModified": "2023-09-27T15:41:26.297",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2023-09-28T01:31:19.293",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -11,6 +11,28 @@
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 7.5,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 3.6
|
||||
}
|
||||
],
|
||||
"cvssMetricV30": [
|
||||
{
|
||||
"source": "security@acronis.com",
|
||||
@ -35,6 +57,16 @@
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "NVD-CWE-noinfo"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"source": "security@acronis.com",
|
||||
"type": "Secondary",
|
||||
@ -46,10 +78,78 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:*:*:*:*:*:*:*:*",
|
||||
"versionEndExcluding": "15",
|
||||
"matchCriteriaId": "547972AF-7F43-4A6D-AFC7-5514DD9995A6"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "89899D10-1343-4276-919A-9C1DF2DB8B55"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A77B2499-B3A4-4278-BA0D-59AB59C60352"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "BAF6A576-C320-4550-B7F8-4FCAE82FB06A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9740A956-D589-4846-8717-B6182EB65F8B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9AB8B19B-2B40-4F1B-AE24-1C43D362E4BC"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "69506F27-DEF8-4317-9E54-D79CA430AD4B"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
|
||||
},
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://security-advisory.acronis.com/advisories/SEC-5124",
|
||||
"source": "security@acronis.com"
|
||||
"source": "security@acronis.com",
|
||||
"tags": [
|
||||
"Vendor Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-44157",
|
||||
"sourceIdentifier": "security@acronis.com",
|
||||
"published": "2023-09-27T15:19:37.897",
|
||||
"lastModified": "2023-09-27T15:41:31.350",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2023-09-28T01:36:28.527",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -11,6 +11,28 @@
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "LOCAL",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 7.8,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 1.8,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
],
|
||||
"cvssMetricV30": [
|
||||
{
|
||||
"source": "security@acronis.com",
|
||||
@ -35,6 +57,16 @@
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-276"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"source": "security@acronis.com",
|
||||
"type": "Secondary",
|
||||
@ -46,10 +78,73 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:*:*:*:*:*:*:*:*",
|
||||
"versionEndExcluding": "15",
|
||||
"matchCriteriaId": "547972AF-7F43-4A6D-AFC7-5514DD9995A6"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "89899D10-1343-4276-919A-9C1DF2DB8B55"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A77B2499-B3A4-4278-BA0D-59AB59C60352"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "BAF6A576-C320-4550-B7F8-4FCAE82FB06A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9740A956-D589-4846-8717-B6182EB65F8B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9AB8B19B-2B40-4F1B-AE24-1C43D362E4BC"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "69506F27-DEF8-4317-9E54-D79CA430AD4B"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://security-advisory.acronis.com/advisories/SEC-3956",
|
||||
"source": "security@acronis.com"
|
||||
"source": "security@acronis.com",
|
||||
"tags": [
|
||||
"Vendor Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-44158",
|
||||
"sourceIdentifier": "security@acronis.com",
|
||||
"published": "2023-09-27T15:19:37.980",
|
||||
"lastModified": "2023-09-27T15:41:26.297",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2023-09-28T01:38:48.113",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -11,6 +11,28 @@
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 7.5,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 3.6
|
||||
}
|
||||
],
|
||||
"cvssMetricV30": [
|
||||
{
|
||||
"source": "security@acronis.com",
|
||||
@ -35,6 +57,16 @@
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-522"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"source": "security@acronis.com",
|
||||
"type": "Secondary",
|
||||
@ -46,10 +78,78 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:*:*:*:*:*:*:*:*",
|
||||
"versionEndExcluding": "15",
|
||||
"matchCriteriaId": "547972AF-7F43-4A6D-AFC7-5514DD9995A6"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "89899D10-1343-4276-919A-9C1DF2DB8B55"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A77B2499-B3A4-4278-BA0D-59AB59C60352"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "BAF6A576-C320-4550-B7F8-4FCAE82FB06A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9740A956-D589-4846-8717-B6182EB65F8B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9AB8B19B-2B40-4F1B-AE24-1C43D362E4BC"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "69506F27-DEF8-4317-9E54-D79CA430AD4B"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
|
||||
},
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://security-advisory.acronis.com/advisories/SEC-4071",
|
||||
"source": "security@acronis.com"
|
||||
"source": "security@acronis.com",
|
||||
"tags": [
|
||||
"Vendor Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-44159",
|
||||
"sourceIdentifier": "security@acronis.com",
|
||||
"published": "2023-09-27T15:19:38.063",
|
||||
"lastModified": "2023-09-27T15:41:26.297",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2023-09-28T01:45:43.997",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -11,6 +11,28 @@
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 7.5,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 3.6
|
||||
}
|
||||
],
|
||||
"cvssMetricV30": [
|
||||
{
|
||||
"source": "security@acronis.com",
|
||||
@ -35,6 +57,16 @@
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-312"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"source": "security@acronis.com",
|
||||
"type": "Secondary",
|
||||
@ -46,10 +78,78 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:*:*:*:*:*:*:*:*",
|
||||
"versionEndExcluding": "15",
|
||||
"matchCriteriaId": "547972AF-7F43-4A6D-AFC7-5514DD9995A6"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "89899D10-1343-4276-919A-9C1DF2DB8B55"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A77B2499-B3A4-4278-BA0D-59AB59C60352"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "BAF6A576-C320-4550-B7F8-4FCAE82FB06A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9740A956-D589-4846-8717-B6182EB65F8B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9AB8B19B-2B40-4F1B-AE24-1C43D362E4BC"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "69506F27-DEF8-4317-9E54-D79CA430AD4B"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
|
||||
},
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://security-advisory.acronis.com/advisories/SEC-5787",
|
||||
"source": "security@acronis.com"
|
||||
"source": "security@acronis.com",
|
||||
"tags": [
|
||||
"Vendor Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-44160",
|
||||
"sourceIdentifier": "security@acronis.com",
|
||||
"published": "2023-09-27T15:19:38.223",
|
||||
"lastModified": "2023-09-27T15:41:26.297",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2023-09-28T01:47:00.950",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -11,6 +11,28 @@
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 6.5,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 3.6
|
||||
}
|
||||
],
|
||||
"cvssMetricV30": [
|
||||
{
|
||||
"source": "security@acronis.com",
|
||||
@ -35,6 +57,16 @@
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-352"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"source": "security@acronis.com",
|
||||
"type": "Secondary",
|
||||
@ -46,10 +78,78 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:*:*:*:*:*:*:*:*",
|
||||
"versionEndExcluding": "15",
|
||||
"matchCriteriaId": "547972AF-7F43-4A6D-AFC7-5514DD9995A6"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "89899D10-1343-4276-919A-9C1DF2DB8B55"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A77B2499-B3A4-4278-BA0D-59AB59C60352"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "BAF6A576-C320-4550-B7F8-4FCAE82FB06A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9740A956-D589-4846-8717-B6182EB65F8B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9AB8B19B-2B40-4F1B-AE24-1C43D362E4BC"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "69506F27-DEF8-4317-9E54-D79CA430AD4B"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
|
||||
},
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://security-advisory.acronis.com/advisories/SEC-4083",
|
||||
"source": "security@acronis.com"
|
||||
"source": "security@acronis.com",
|
||||
"tags": [
|
||||
"Vendor Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-44161",
|
||||
"sourceIdentifier": "security@acronis.com",
|
||||
"published": "2023-09-27T15:19:38.323",
|
||||
"lastModified": "2023-09-27T15:41:26.297",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2023-09-28T01:52:50.597",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -11,6 +11,28 @@
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 6.5,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 3.6
|
||||
}
|
||||
],
|
||||
"cvssMetricV30": [
|
||||
{
|
||||
"source": "security@acronis.com",
|
||||
@ -35,6 +57,16 @@
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-352"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"source": "security@acronis.com",
|
||||
"type": "Secondary",
|
||||
@ -46,10 +78,78 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:*:*:*:*:*:*:*:*",
|
||||
"versionEndExcluding": "15",
|
||||
"matchCriteriaId": "547972AF-7F43-4A6D-AFC7-5514DD9995A6"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "89899D10-1343-4276-919A-9C1DF2DB8B55"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A77B2499-B3A4-4278-BA0D-59AB59C60352"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "BAF6A576-C320-4550-B7F8-4FCAE82FB06A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9740A956-D589-4846-8717-B6182EB65F8B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9AB8B19B-2B40-4F1B-AE24-1C43D362E4BC"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "69506F27-DEF8-4317-9E54-D79CA430AD4B"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
|
||||
},
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://security-advisory.acronis.com/advisories/SEC-4084",
|
||||
"source": "security@acronis.com"
|
||||
"source": "security@acronis.com",
|
||||
"tags": [
|
||||
"Vendor Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-44207",
|
||||
"sourceIdentifier": "security@acronis.com",
|
||||
"published": "2023-09-27T15:19:39.477",
|
||||
"lastModified": "2023-09-27T15:41:20.127",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2023-09-28T01:58:26.690",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -11,6 +11,28 @@
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 5.4,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.3,
|
||||
"impactScore": 2.7
|
||||
}
|
||||
],
|
||||
"cvssMetricV30": [
|
||||
{
|
||||
"source": "security@acronis.com",
|
||||
@ -35,6 +57,16 @@
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"source": "security@acronis.com",
|
||||
"type": "Secondary",
|
||||
@ -46,10 +78,78 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:*:*:*:*:*:*:*:*",
|
||||
"versionEndExcluding": "15",
|
||||
"matchCriteriaId": "547972AF-7F43-4A6D-AFC7-5514DD9995A6"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "89899D10-1343-4276-919A-9C1DF2DB8B55"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update1:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A77B2499-B3A4-4278-BA0D-59AB59C60352"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update2:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "BAF6A576-C320-4550-B7F8-4FCAE82FB06A"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update3:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9740A956-D589-4846-8717-B6182EB65F8B"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update4:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "9AB8B19B-2B40-4F1B-AE24-1C43D362E4BC"
|
||||
},
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update5:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "69506F27-DEF8-4317-9E54-D79CA430AD4B"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
|
||||
},
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://security-advisory.acronis.com/advisories/SEC-5914",
|
||||
"source": "security@acronis.com"
|
||||
"source": "security@acronis.com",
|
||||
"tags": [
|
||||
"Vendor Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
59
CVE-2023/CVE-2023-52xx/CVE-2023-5244.json
Normal file
59
CVE-2023/CVE-2023-52xx/CVE-2023-5244.json
Normal file
@ -0,0 +1,59 @@
|
||||
{
|
||||
"id": "CVE-2023-5244",
|
||||
"sourceIdentifier": "security@huntr.dev",
|
||||
"published": "2023-09-28T01:15:09.060",
|
||||
"lastModified": "2023-09-28T01:15:09.060",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 2.0."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV30": [
|
||||
{
|
||||
"source": "security@huntr.dev",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.0",
|
||||
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "HIGH",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 5.0,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 1.6,
|
||||
"impactScore": 3.4
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "security@huntr.dev",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://github.com/microweber/microweber/commit/1cb846f8f54ff6f5c668f3ae64dd81740a7e8968",
|
||||
"source": "security@huntr.dev"
|
||||
},
|
||||
{
|
||||
"url": "https://huntr.dev/bounties/a3bd58ba-ca59-4cba-85d1-799f73a76470",
|
||||
"source": "security@huntr.dev"
|
||||
}
|
||||
]
|
||||
}
|
43
README.md
43
README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
|
||||
### Last Repository Update
|
||||
|
||||
```plain
|
||||
2023-09-27T23:55:24.740814+00:00
|
||||
2023-09-28T02:00:25.747309+00:00
|
||||
```
|
||||
|
||||
### Most recent CVE Modification Timestamp synchronized with NVD
|
||||
|
||||
```plain
|
||||
2023-09-27T23:15:12.113000+00:00
|
||||
2023-09-28T01:58:26.690000+00:00
|
||||
```
|
||||
|
||||
### Last Data Feed Release
|
||||
@ -23,40 +23,41 @@ Repository synchronizes with the NVD every 2 hours.
|
||||
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
|
||||
|
||||
```plain
|
||||
2023-09-27T00:00:13.558556+00:00
|
||||
2023-09-28T00:00:13.573620+00:00
|
||||
```
|
||||
|
||||
### Total Number of included CVEs
|
||||
|
||||
```plain
|
||||
226482
|
||||
226483
|
||||
```
|
||||
|
||||
### CVEs added in the last Commit
|
||||
|
||||
Recently added CVEs: `13`
|
||||
Recently added CVEs: `1`
|
||||
|
||||
* [CVE-2023-43192](CVE-2023/CVE-2023-431xx/CVE-2023-43192.json) (`2023-09-27T22:15:09.700`)
|
||||
* [CVE-2023-43660](CVE-2023/CVE-2023-436xx/CVE-2023-43660.json) (`2023-09-27T22:15:10.730`)
|
||||
* [CVE-2023-44080](CVE-2023/CVE-2023-440xx/CVE-2023-44080.json) (`2023-09-27T22:15:11.783`)
|
||||
* [CVE-2023-41445](CVE-2023/CVE-2023-414xx/CVE-2023-41445.json) (`2023-09-27T23:15:10.150`)
|
||||
* [CVE-2023-41448](CVE-2023/CVE-2023-414xx/CVE-2023-41448.json) (`2023-09-27T23:15:11.667`)
|
||||
* [CVE-2023-41449](CVE-2023/CVE-2023-414xx/CVE-2023-41449.json) (`2023-09-27T23:15:11.730`)
|
||||
* [CVE-2023-41451](CVE-2023/CVE-2023-414xx/CVE-2023-41451.json) (`2023-09-27T23:15:11.787`)
|
||||
* [CVE-2023-41452](CVE-2023/CVE-2023-414xx/CVE-2023-41452.json) (`2023-09-27T23:15:11.843`)
|
||||
* [CVE-2023-41453](CVE-2023/CVE-2023-414xx/CVE-2023-41453.json) (`2023-09-27T23:15:11.900`)
|
||||
* [CVE-2023-43191](CVE-2023/CVE-2023-431xx/CVE-2023-43191.json) (`2023-09-27T23:15:11.960`)
|
||||
* [CVE-2023-43233](CVE-2023/CVE-2023-432xx/CVE-2023-43233.json) (`2023-09-27T23:15:12.007`)
|
||||
* [CVE-2023-43314](CVE-2023/CVE-2023-433xx/CVE-2023-43314.json) (`2023-09-27T23:15:12.057`)
|
||||
* [CVE-2023-43320](CVE-2023/CVE-2023-433xx/CVE-2023-43320.json) (`2023-09-27T23:15:12.113`)
|
||||
* [CVE-2023-5244](CVE-2023/CVE-2023-52xx/CVE-2023-5244.json) (`2023-09-28T01:15:09.060`)
|
||||
|
||||
|
||||
### CVEs modified in the last Commit
|
||||
|
||||
Recently modified CVEs: `2`
|
||||
Recently modified CVEs: `15`
|
||||
|
||||
* [CVE-2023-44047](CVE-2023/CVE-2023-440xx/CVE-2023-44047.json) (`2023-09-27T22:15:11.283`)
|
||||
* [CVE-2023-44048](CVE-2023/CVE-2023-440xx/CVE-2023-44048.json) (`2023-09-27T22:15:11.513`)
|
||||
* [CVE-2023-4088](CVE-2023/CVE-2023-40xx/CVE-2023-4088.json) (`2023-09-28T00:15:09.553`)
|
||||
* [CVE-2023-41962](CVE-2023/CVE-2023-419xx/CVE-2023-41962.json) (`2023-09-28T01:06:56.717`)
|
||||
* [CVE-2023-43614](CVE-2023/CVE-2023-436xx/CVE-2023-43614.json) (`2023-09-28T01:10:50.470`)
|
||||
* [CVE-2023-23958](CVE-2023/CVE-2023-239xx/CVE-2023-23958.json) (`2023-09-28T01:14:41.083`)
|
||||
* [CVE-2023-44152](CVE-2023/CVE-2023-441xx/CVE-2023-44152.json) (`2023-09-28T01:22:12.437`)
|
||||
* [CVE-2023-44153](CVE-2023/CVE-2023-441xx/CVE-2023-44153.json) (`2023-09-28T01:23:03.267`)
|
||||
* [CVE-2023-44154](CVE-2023/CVE-2023-441xx/CVE-2023-44154.json) (`2023-09-28T01:27:19.867`)
|
||||
* [CVE-2023-44155](CVE-2023/CVE-2023-441xx/CVE-2023-44155.json) (`2023-09-28T01:28:18.913`)
|
||||
* [CVE-2023-44156](CVE-2023/CVE-2023-441xx/CVE-2023-44156.json) (`2023-09-28T01:31:19.293`)
|
||||
* [CVE-2023-44157](CVE-2023/CVE-2023-441xx/CVE-2023-44157.json) (`2023-09-28T01:36:28.527`)
|
||||
* [CVE-2023-44158](CVE-2023/CVE-2023-441xx/CVE-2023-44158.json) (`2023-09-28T01:38:48.113`)
|
||||
* [CVE-2023-44159](CVE-2023/CVE-2023-441xx/CVE-2023-44159.json) (`2023-09-28T01:45:43.997`)
|
||||
* [CVE-2023-44160](CVE-2023/CVE-2023-441xx/CVE-2023-44160.json) (`2023-09-28T01:47:00.950`)
|
||||
* [CVE-2023-44161](CVE-2023/CVE-2023-441xx/CVE-2023-44161.json) (`2023-09-28T01:52:50.597`)
|
||||
* [CVE-2023-44207](CVE-2023/CVE-2023-442xx/CVE-2023-44207.json) (`2023-09-28T01:58:26.690`)
|
||||
|
||||
|
||||
## Download and Usage
|
||||
|
Loading…
x
Reference in New Issue
Block a user