admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-05-17 18:00:35.205182+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-05-17 18:00:39 +00:00
parent 428ed21f14
commit eb254268dc
127 changed files with 6803 additions and 950 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
CVE-2022/CVE-2022-220xx/CVE-2022-22022.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-22022",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:08.927",
"lastModified": "2022-07-16T13:21:20.167",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:10.977",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22041, CVE-2022-30206, CVE-2022-30226."
"value": "Windows Print Spooler Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.2
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -254,13 +254,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22022",
"source": "secure@microsoft.com",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22022",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-220xx/CVE-2022-22023.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-22023",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:09.013",
"lastModified": "2022-07-16T13:30:47.310",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:11.130",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability."
"value": "Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability"
},
{
"lang": "es",
@ -234,12 +234,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22023",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22023",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-220xx/CVE-2022-22024.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-22024",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:09.083",
"lastModified": "2022-07-16T13:17:26.577",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:11.213",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Fax Service Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22027."
"value": "Windows Fax Service Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -234,12 +234,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22024",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22024",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-220xx/CVE-2022-22025.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-22025",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:09.183",
"lastModified": "2022-07-16T13:11:25.703",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:11.293",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Internet Information Services Cachuri Module Denial of Service Vulnerability."
"value": "Windows Internet Information Services Cachuri Module Denial of Service Vulnerability"
},
{
"lang": "es",
@ -234,12 +234,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22025",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22025",
"source": "secure@microsoft.com"
}
]
}

23
CVE-2022/CVE-2022-220xx/CVE-2022-22026.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-22026",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:09.253",
"lastModified": "2022-09-28T19:58:11.487",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:11.380",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22047, CVE-2022-22049."
"value": "Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -249,21 +249,8 @@
],
"references": [
{
"url": "http://packetstormsecurity.com/files/168068/Windows-sxs-CNodeFactory-XMLParser_Element_doc_assembly_assemblyIdentity-Heap-Buffer-Overflow.html",
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22026",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22026",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-220xx/CVE-2022-22027.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-22027",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:09.317",
"lastModified": "2022-07-16T18:53:37.457",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:11.473",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Fax Service Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22024."
"value": "Windows Fax Service Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -249,12 +249,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22027",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22027",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-220xx/CVE-2022-22028.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-22028",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:09.380",
"lastModified": "2022-07-16T18:55:09.063",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:11.557",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Network File System Information Disclosure Vulnerability."
"value": "Windows Network File System Information Disclosure Vulnerability"
},
{
"lang": "es",
@ -134,12 +134,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22028",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22028",
"source": "secure@microsoft.com"
}
]
}

15
CVE-2022/CVE-2022-220xx/CVE-2022-22029.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-22029",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:09.447",
"lastModified": "2022-07-16T18:56:23.997",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:11.637",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Network File System Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22039."
"value": "Windows Network File System Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -134,13 +134,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22029",
"source": "secure@microsoft.com",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22029",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-220xx/CVE-2022-22034.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-22034",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:09.567",
"lastModified": "2022-07-16T18:59:32.720",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:11.720",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Graphics Component Elevation of Privilege Vulnerability."
"value": "Windows Graphics Component Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -249,12 +249,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22034",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22034",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-220xx/CVE-2022-22036.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-22036",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:09.627",
"lastModified": "2022-07-16T19:01:17.800",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:11.803",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Performance Counters for Windows Elevation of Privilege Vulnerability."
"value": "Performance Counters for Windows Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -239,12 +239,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22036",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22036",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-220xx/CVE-2022-22037.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-22037",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:09.687",
"lastModified": "2022-07-16T19:03:55.827",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:11.883",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30202, CVE-2022-30224."
"value": "Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -249,12 +249,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22037",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22037",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-220xx/CVE-2022-22038.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-22038",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:09.747",
"lastModified": "2022-07-16T19:06:59.827",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:11.957",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Remote Procedure Call Runtime Remote Code Execution Vulnerability."
"value": "Remote Procedure Call Runtime Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -219,12 +219,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22038",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22038",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-220xx/CVE-2022-22039.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-22039",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:09.807",
"lastModified": "2022-07-16T19:08:59.693",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:12.033",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Network File System Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22029."
"value": "Windows Network File System Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -134,12 +134,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22039",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22039",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-220xx/CVE-2022-22040.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-22040",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:09.867",
"lastModified": "2022-07-16T19:12:29.813",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:12.107",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Internet Information Services Dynamic Compression Module Denial of Service Vulnerability."
"value": "Internet Information Services Dynamic Compression Module Denial of Service Vulnerability"
},
{
"lang": "es",
@ -249,12 +249,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22040",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22040",
"source": "secure@microsoft.com"
}
]
}

19
CVE-2022/CVE-2022-220xx/CVE-2022-22041.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-22041",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:09.927",
"lastModified": "2022-09-22T19:04:58.170",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:12.183",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22022, CVE-2022-30206, CVE-2022-30226."
"value": "Windows Print Spooler Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -244,13 +244,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22041",
"source": "secure@microsoft.com",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22041",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-220xx/CVE-2022-22042.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-22042",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:09.987",
"lastModified": "2022-07-16T13:54:41.787",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:12.270",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Hyper-V Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30223."
"value": "Windows Hyper-V Information Disclosure Vulnerability"
},
{
"lang": "es",
@ -169,12 +169,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22042",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22042",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-220xx/CVE-2022-22043.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-22043",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:10.053",
"lastModified": "2022-07-16T14:00:48.863",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:12.337",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Fast FAT File System Driver Elevation of Privilege Vulnerability."
"value": "Windows Fast FAT File System Driver Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -249,12 +249,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22043",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22043",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-220xx/CVE-2022-22045.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-22045",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:10.160",
"lastModified": "2022-07-16T13:52:37.010",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:12.407",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows.Devices.Picker.dll Elevation of Privilege Vulnerability."
"value": "Windows.Devices.Picker.dll Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -199,12 +199,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22045",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22045",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-220xx/CVE-2022-22047.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-22047",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:10.343",
"lastModified": "2022-07-16T13:50:40.683",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:12.490",
"vulnStatus": "Modified",
"cisaExploitAdd": "2022-07-12",
"cisaActionDue": "2022-08-02",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -11,7 +11,7 @@
"descriptions": [
{
"lang": "en",
"value": "Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22026, CVE-2022-22049."
"value": "Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -253,12 +253,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22047",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22047",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-220xx/CVE-2022-22048.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-22048",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:10.503",
"lastModified": "2022-07-19T12:02:51.530",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:12.583",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "BitLocker Security Feature Bypass Vulnerability."
"value": "BitLocker Security Feature Bypass Vulnerability"
},
{
"lang": "es",
@ -269,12 +269,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22048",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22048",
"source": "secure@microsoft.com"
}
]
}

23
CVE-2022/CVE-2022-220xx/CVE-2022-22049.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-22049",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:10.683",
"lastModified": "2022-09-28T19:58:28.877",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:12.677",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22026, CVE-2022-22047."
"value": "Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -269,21 +269,8 @@
],
"references": [
{
"url": "http://packetstormsecurity.com/files/168069/Windows-sxssrv-BaseSrvActivationContextCacheDuplicateUnicodeString-Heap-Buffer-Overflow.html",
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22049",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22049",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-220xx/CVE-2022-22050.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-22050",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:10.747",
"lastModified": "2022-07-19T12:24:41.713",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:12.757",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Fax Service Elevation of Privilege Vulnerability."
"value": "Windows Fax Service Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -269,12 +269,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22050",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22050",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-301xx/CVE-2022-30181.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-30181",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:10.907",
"lastModified": "2022-07-20T15:50:01.020",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:12.843",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30181",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30181",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-301xx/CVE-2022-30187.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-30187",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:10.960",
"lastModified": "2022-07-19T17:50:43.687",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:12.920",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Storage Library Information Disclosure Vulnerability."
"value": "Azure Storage Library Information Disclosure Vulnerability"
},
{
"lang": "es",
@ -119,12 +119,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30187",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30187",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-302xx/CVE-2022-30202.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-30202",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:11.013",
"lastModified": "2022-07-20T15:36:22.470",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:12.997",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22037, CVE-2022-30224."
"value": "Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -249,12 +249,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30202",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30202",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-302xx/CVE-2022-30203.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-30203",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:11.070",
"lastModified": "2022-07-20T15:24:03.520",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:13.077",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Boot Manager Security Feature Bypass Vulnerability."
"value": "Windows Boot Manager Security Feature Bypass Vulnerability"
},
{
"lang": "es",
@ -249,12 +249,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30203",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30203",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-302xx/CVE-2022-30205.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-30205",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:11.123",
"lastModified": "2022-07-20T15:11:51.073",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:13.160",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Group Policy Elevation of Privilege Vulnerability."
"value": "Windows Group Policy Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -249,12 +249,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30205",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30205",
"source": "secure@microsoft.com"
}
]
}

15
CVE-2022/CVE-2022-302xx/CVE-2022-30206.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-30206",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:11.177",
"lastModified": "2022-07-20T14:34:52.383",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:13.237",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22022, CVE-2022-22041, CVE-2022-30226."
"value": "Windows Print Spooler Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -249,13 +249,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30206",
"source": "secure@microsoft.com",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30206",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-302xx/CVE-2022-30208.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-30208",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:11.230",
"lastModified": "2022-07-20T14:33:02.367",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:13.317",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Security Account Manager (SAM) Denial of Service Vulnerability."
"value": "Windows Security Account Manager (SAM) Denial of Service Vulnerability"
},
{
"lang": "es",
@ -249,12 +249,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30208",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30208",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-302xx/CVE-2022-30209.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-30209",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:11.283",
"lastModified": "2022-07-20T14:31:35.070",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:13.393",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows IIS Server Elevation of Privilege Vulnerability."
"value": "Windows IIS Server Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -249,12 +249,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30209",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30209",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-302xx/CVE-2022-30211.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-30211",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:11.337",
"lastModified": "2022-09-22T19:08:18.283",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:13.473",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability."
"value": "Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -269,12 +269,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30211",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30211",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-302xx/CVE-2022-30212.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-30212",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:11.390",
"lastModified": "2022-07-20T14:04:56.913",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:13.557",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Connected Devices Platform Service Information Disclosure Vulnerability."
"value": "Windows Connected Devices Platform Service Information Disclosure Vulnerability"
},
{
"lang": "es",
@ -174,12 +174,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30212",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30212",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-302xx/CVE-2022-30213.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-30213",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:11.447",
"lastModified": "2022-07-19T20:56:32.330",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:13.633",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows GDI+ Information Disclosure Vulnerability."
"value": "Windows GDI+ Information Disclosure Vulnerability"
},
{
"lang": "es",
@ -249,12 +249,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30213",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30213",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-302xx/CVE-2022-30214.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-30214",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:11.497",
"lastModified": "2022-07-19T20:53:50.693",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:13.707",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows DNS Server Remote Code Execution Vulnerability."
"value": "Windows DNS Server Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -109,12 +109,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30214",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30214",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-302xx/CVE-2022-30215.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-30215",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:11.550",
"lastModified": "2022-07-20T12:03:29.817",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:13.777",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Active Directory Federation Services Elevation of Privilege Vulnerability."
"value": "Active Directory Federation Services Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -109,12 +109,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30215",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30215",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-302xx/CVE-2022-30216.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-30216",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:11.603",
"lastModified": "2022-07-20T11:00:37.630",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:13.853",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Server Service Tampering Vulnerability."
"value": "Windows Server Service Tampering Vulnerability"
},
{
"lang": "es",
@ -154,12 +154,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30216",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30216",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-302xx/CVE-2022-30220.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-30220",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:11.667",
"lastModified": "2022-07-20T11:02:00.680",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:13.917",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Common Log File System Driver Elevation of Privilege Vulnerability."
"value": "Windows Common Log File System Driver Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -249,12 +249,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30220",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30220",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-302xx/CVE-2022-30221.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-30221",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:11.720",
"lastModified": "2022-07-20T11:04:27.233",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:13.997",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Graphics Component Remote Code Execution Vulnerability."
"value": "Windows Graphics Component Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -234,12 +234,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30221",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30221",
"source": "secure@microsoft.com"
}
]
}

15
CVE-2022/CVE-2022-302xx/CVE-2022-30222.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-30222",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:11.770",
"lastModified": "2022-07-20T11:06:08.713",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:14.070",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Shell Remote Code Execution Vulnerability."
"value": "Windows Shell Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -189,13 +189,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30222",
"source": "secure@microsoft.com",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30222",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-302xx/CVE-2022-30223.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-30223",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:11.823",
"lastModified": "2022-07-20T15:52:44.613",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:14.143",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Hyper-V Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-22042."
"value": "Windows Hyper-V Information Disclosure Vulnerability"
},
{
"lang": "es",
@ -169,12 +169,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30223",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30223",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-302xx/CVE-2022-30224.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-30224",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:11.877",
"lastModified": "2022-07-20T15:54:52.433",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:14.220",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22037, CVE-2022-30202."
"value": "Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -249,12 +249,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30224",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30224",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-302xx/CVE-2022-30225.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-30225",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:11.930",
"lastModified": "2022-07-20T15:56:44.077",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:14.297",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Media Player Network Sharing Service Elevation of Privilege Vulnerability."
"value": "Windows Media Player Network Sharing Service Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -249,12 +249,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30225",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30225",
"source": "secure@microsoft.com"
}
]
}

15
CVE-2022/CVE-2022-302xx/CVE-2022-30226.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-30226",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:11.983",
"lastModified": "2022-07-20T15:58:46.733",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:14.363",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22022, CVE-2022-22041, CVE-2022-30206."
"value": "Windows Print Spooler Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -249,13 +249,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30226",
"source": "secure@microsoft.com",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30226",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33633.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33633",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:12.223",
"lastModified": "2022-07-20T16:00:15.657",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:14.447",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Skype for Business and Lync Remote Code Execution Vulnerability."
"value": "Skype for Business and Lync Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -104,12 +104,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33633",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33633",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33637.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33637",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:12.277",
"lastModified": "2022-07-19T12:43:02.863",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:14.517",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Defender for Endpoint Tampering Vulnerability."
"value": "Microsoft Defender for Endpoint Tampering Vulnerability"
},
{
"lang": "es",
@ -94,12 +94,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33637",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33637",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33641.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33641",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:12.330",
"lastModified": "2022-07-19T01:50:19.180",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:14.593",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33641",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33641",
"source": "secure@microsoft.com"
}
]
}

18
CVE-2022/CVE-2022-336xx/CVE-2022-33642.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33642",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:12.383",
"lastModified": "2022-09-27T17:38:29.717",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:14.667",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -115,12 +115,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33642",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33642",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33643.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33643",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:12.437",
"lastModified": "2022-07-19T01:50:47.540",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:14.740",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33643",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33643",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33650.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33650",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:12.540",
"lastModified": "2022-07-19T01:52:30.710",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:14.807",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33650",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33650",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33651.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33651",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:12.593",
"lastModified": "2022-07-19T01:49:55.980",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:14.877",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33651",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33651",
"source": "secure@microsoft.com"
}
]
}

24
CVE-2022/CVE-2022-336xx/CVE-2022-33652.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33652",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:12.657",
"lastModified": "2022-09-22T19:08:10.083",
"lastModified": "2023-05-17T17:15:14.953",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,27 +17,27 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.7,
"exploitabilityScore": 1.2,
"impactScore": 3.6
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -115,12 +115,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33652",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33652",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33653.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33653",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:12.717",
"lastModified": "2022-07-19T01:03:42.040",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:15.080",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33653",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33653",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33654.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33654",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:12.770",
"lastModified": "2022-07-19T00:58:59.173",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:15.167",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33654",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33654",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33655.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33655",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:12.827",
"lastModified": "2022-07-19T00:58:46.243",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:15.250",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33655",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33655",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33656.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33656",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:12.880",
"lastModified": "2022-07-19T00:56:07.150",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:15.337",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33656",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33656",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33657.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33657",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:12.940",
"lastModified": "2022-07-19T00:55:44.340",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:15.420",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33657",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33657",
"source": "secure@microsoft.com"
}
]
}

24
CVE-2022/CVE-2022-336xx/CVE-2022-33658.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33658",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:12.997",
"lastModified": "2022-09-22T19:08:00.707",
"lastModified": "2023-05-17T17:15:15.497",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,27 +17,27 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.7,
"exploitabilityScore": 1.2,
"impactScore": 3.6
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -115,12 +115,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33658",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33658",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33659.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33659",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:13.053",
"lastModified": "2022-07-19T00:46:23.687",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:15.587",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33659",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33659",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33660.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33660",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:13.107",
"lastModified": "2022-07-19T00:45:31.597",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:15.663",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33660",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33660",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33661.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33661",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:13.163",
"lastModified": "2022-07-19T00:45:18.080",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:15.740",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33661",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33661",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33662.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33662",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:13.217",
"lastModified": "2022-07-19T00:40:02.130",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:15.823",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33662",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33662",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33663.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33663",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:13.267",
"lastModified": "2022-07-19T00:38:57.280",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:15.907",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33663",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33663",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33664.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33664",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:13.323",
"lastModified": "2022-07-18T23:52:52.960",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:15.987",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33664",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33664",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33665.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33665",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:13.397",
"lastModified": "2022-07-18T23:52:23.197",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:16.073",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33665",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33665",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33666.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33666",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:13.453",
"lastModified": "2022-07-18T23:52:08.050",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:16.150",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33666",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33666",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33667.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33667",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:13.507",
"lastModified": "2022-07-18T23:51:17.117",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:16.230",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33667",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33667",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33668.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33668",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:13.557",
"lastModified": "2022-07-18T23:47:36.103",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:16.310",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33668",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33668",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33669.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33669",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:13.610",
"lastModified": "2022-07-18T23:46:56.787",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:16.390",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33669",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33669",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33671.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33671",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:13.670",
"lastModified": "2022-07-18T23:45:44.027",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:16.470",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33671",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33671",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33672.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33672",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:13.723",
"lastModified": "2022-07-18T23:35:56.147",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:16.550",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33672",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33672",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33673.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33673",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:13.777",
"lastModified": "2022-07-18T23:27:04.337",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:16.627",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33673",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33673",
"source": "secure@microsoft.com"
}
]
}

56
CVE-2022/CVE-2022-336xx/CVE-2022-33674.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33674",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:13.830",
"lastModified": "2022-07-18T23:25:49.693",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:16.713",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33675, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -16,29 +16,9 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
@ -55,6 +35,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.5
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -115,12 +115,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33674",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33674",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33675.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33675",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:13.887",
"lastModified": "2022-07-18T23:24:35.103",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:16.810",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33677."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33675",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33675",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33676.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33676",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:13.937",
"lastModified": "2022-08-30T22:43:35.587",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:16.933",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-33678."
"value": "Azure Site Recovery Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33676",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33676",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33677.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33677",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:13.990",
"lastModified": "2022-07-27T22:57:25.140",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:17.057",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675."
"value": "Azure Site Recovery Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33677",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33677",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2022/CVE-2022-336xx/CVE-2022-33678.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-33678",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:14.043",
"lastModified": "2022-08-30T22:43:43.673",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T17:15:17.170",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-33676."
"value": "Azure Site Recovery Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -95,12 +95,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33678",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33678",
"source": "secure@microsoft.com"
}
]
}

57
CVE-2023/CVE-2023-17xx/CVE-2023-1732.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1732",
"sourceIdentifier": "cna@cloudflare.com",
"published": "2023-05-10T12:15:10.523",
"lastModified": "2023-05-10T13:06:16.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-17T17:04:45.347",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
},
{
"source": "cna@cloudflare.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-755"
}
]
},
{
"source": "cna@cloudflare.com",
"type": "Secondary",
@ -50,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cloudflare:circl:*:*:*:*:*:go:*:*",
"versionEndExcluding": "1.3.3",
"matchCriteriaId": "39A6B412-BB17-403E-B83A-FCFAD155C1B9"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/cloudflare/circl/security/advisories/GHSA-2q89-485c-9j2x",
"source": "cna@cloudflare.com"
"source": "cna@cloudflare.com",
"tags": [
"Vendor Advisory"
]
}
]
}

394
CVE-2023/CVE-2023-219xx/CVE-2023-21968.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-21968",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-04-18T20:15:16.470",
"lastModified": "2023-04-27T15:15:12.067",
"vulnStatus": "Modified",
"lastModified": "2023-05-17T17:06:35.360",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -111,12 +111,400 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:cloud_insights_acquisition_unit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCAA4004-9319-478C-9D55-0E8307F872F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8",
"matchCriteriaId": "111E81BB-7D96-44EB-ACFA-415C3F3EA62A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11",
"versionEndIncluding": "11.0.18",
"matchCriteriaId": "90F6CEC5-2FD9-4ADB-9D86-B741C0ABCD7B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17",
"versionEndIncluding": "17.0.6",
"matchCriteriaId": "83395182-E46E-47FF-A781-4EF235BC83B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:-:*:*:*:*:*:*",
"matchCriteriaId": "70892D06-6E75-4425-BBF0-4B684EC62A1C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:milestone1:*:*:*:*:*:*",
"matchCriteriaId": "7A165D71-71CC-4E6A-AA4F-FF8DB5B9A5AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:milestone2:*:*:*:*:*:*",
"matchCriteriaId": "7417B2BB-9AC2-4AF4-A828-C89A0735AD92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:milestone3:*:*:*:*:*:*",
"matchCriteriaId": "6A0A57B5-6F88-4288-9CDE-F6613FE068D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:milestone4:*:*:*:*:*:*",
"matchCriteriaId": "67ED8559-C348-4932-B7CE-CB96976A30EC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:milestone5:*:*:*:*:*:*",
"matchCriteriaId": "40AC3D91-263F-4345-9FAA-0E573EA64590"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:milestone6:*:*:*:*:*:*",
"matchCriteriaId": "DD92AFA9-81F8-48D4-B79A-E7F066F69A99"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:milestone7:*:*:*:*:*:*",
"matchCriteriaId": "2C4B2F24-A730-4818-90C8-A2D90C081F03"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:milestone8:*:*:*:*:*:*",
"matchCriteriaId": "464087F2-C285-4574-957E-CE0663F07DE0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:milestone9:*:*:*:*:*:*",
"matchCriteriaId": "3E9BB880-A4F6-4887-8BB9-47AA298753D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update101:*:*:*:*:*:*",
"matchCriteriaId": "18DCFF53-B298-4534-AB5C-8A5EF59C616F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update102:*:*:*:*:*:*",
"matchCriteriaId": "083419F8-FDDF-4E36-88F8-857DB317C1D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update11:*:*:*:*:*:*",
"matchCriteriaId": "D7A74F65-57E8-4C9A-BA96-5EF401504F13"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update111:*:*:*:*:*:*",
"matchCriteriaId": "0D0B90FC-57B6-4315-9B29-3C36E58B2CF5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update112:*:*:*:*:*:*",
"matchCriteriaId": "07812576-3C35-404C-A7D7-9BE9E3D76E00"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update121:*:*:*:*:*:*",
"matchCriteriaId": "00C52B1C-5447-4282-9667-9EBE0720B423"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update131:*:*:*:*:*:*",
"matchCriteriaId": "92BB9EB0-0C12-4E77-89EE-FB77097841B8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update141:*:*:*:*:*:*",
"matchCriteriaId": "FF9D5DCE-2E8F-42B9-9038-AEA7E8C8CFFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update151:*:*:*:*:*:*",
"matchCriteriaId": "ABC0E7BB-F8B7-4369-9910-71240E4073A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update152:*:*:*:*:*:*",
"matchCriteriaId": "551B2640-8CEC-4C24-AF8B-7A7CEF864D9D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update161:*:*:*:*:*:*",
"matchCriteriaId": "0AE30779-48FB-451E-8CE1-F469F93B8772"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update162:*:*:*:*:*:*",
"matchCriteriaId": "60590FDE-7156-4314-A012-AA38BD2ADDC9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update171:*:*:*:*:*:*",
"matchCriteriaId": "BE51AD3A-8331-4E8F-9DB1-7A0051731DFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update172:*:*:*:*:*:*",
"matchCriteriaId": "F24F6122-2256-41B6-9033-794C6424ED99"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update181:*:*:*:*:*:*",
"matchCriteriaId": "0EAFA79E-8C7A-48CF-8868-11378FE4B26F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update191:*:*:*:*:*:*",
"matchCriteriaId": "D1D6F19F-59B5-4BB6-AD35-013384025970"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update192:*:*:*:*:*:*",
"matchCriteriaId": "E7BA97BC-3ADA-465A-835B-6C3C5F416B56"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update20:*:*:*:*:*:*",
"matchCriteriaId": "B71F77A4-B7EB-47A1-AAFD-431A7D040B86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update201:*:*:*:*:*:*",
"matchCriteriaId": "91D6BEA9-5943-44A4-946D-CEAA9BA99376"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update202:*:*:*:*:*:*",
"matchCriteriaId": "C079A3E0-44EB-4B9C-B4FC-B7621D165C3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update211:*:*:*:*:*:*",
"matchCriteriaId": "2CB74086-14B8-4237-8357-E0C6B5BB8313"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update212:*:*:*:*:*:*",
"matchCriteriaId": "3ABED20A-7C34-4E86-9AFB-F4DC9ECBB3A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update221:*:*:*:*:*:*",
"matchCriteriaId": "00C2B9C9-1177-4DA6-96CE-55F37F383F99"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update222:*:*:*:*:*:*",
"matchCriteriaId": "435CF189-0BD8-40DF-A0DC-99862CDEAF8A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update231:*:*:*:*:*:*",
"matchCriteriaId": "12A3F367-33AD-47C3-BFDC-871A17E72C94"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update232:*:*:*:*:*:*",
"matchCriteriaId": "A18F994F-72CA-4AF5-A7D1-9F5AEA286D85"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update241:*:*:*:*:*:*",
"matchCriteriaId": "78261932-7373-4F16-91E0-1A72ADBEBC3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update242:*:*:*:*:*:*",
"matchCriteriaId": "9BD90D3D-9B3A-4101-9A8A-5090F0A9719F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update25:*:*:*:*:*:*",
"matchCriteriaId": "B38C0276-0EBD-4E0B-BFCF-4DDECACE04E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update252:*:*:*:*:*:*",
"matchCriteriaId": "F5A40B8A-D428-4008-9F21-AF21394C51D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update262:*:*:*:*:*:*",
"matchCriteriaId": "FEC5B777-01E1-45EE-AF95-C3BD1F098B2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update271:*:*:*:*:*:*",
"matchCriteriaId": "3B504718-5DCE-43B4-B19A-C6B6E7444BD3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update281:*:*:*:*:*:*",
"matchCriteriaId": "3102AA10-99A8-49A9-867E-7EEC56865680"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update282:*:*:*:*:*:*",
"matchCriteriaId": "5A55CBC7-A7B2-4B89-8AB5-ED30DBE6814E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update291:*:*:*:*:*:*",
"matchCriteriaId": "15BA8A26-2CDA-442B-A549-6BE92DCCD205"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update301:*:*:*:*:*:*",
"matchCriteriaId": "56F2883B-6A1B-4081-8877-07AF3A73F6CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update302:*:*:*:*:*:*",
"matchCriteriaId": "98C0742E-ACDD-4DB4-8A4C-B96702C8976C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update31:*:*:*:*:*:*",
"matchCriteriaId": "F8483034-DD5A-445D-892F-CDE90A7D58EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update312:*:*:*:*:*:*",
"matchCriteriaId": "1716A5CD-1C32-4F19-9DDE-F9C7CCB6B420"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update322:*:*:*:*:*:*",
"matchCriteriaId": "DAB4F663-BCAF-43DB-BCC3-24C060B0CBAB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update332:*:*:*:*:*:*",
"matchCriteriaId": "A8EF5BB8-7DAF-49B0-A11E-14E89EF7377A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update342:*:*:*:*:*:*",
"matchCriteriaId": "383F0B07-59BF-4744-87F2-04C98BC183B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update40:*:*:*:*:*:*",
"matchCriteriaId": "8279718F-878F-4868-8859-1728D13CD0D8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update45:*:*:*:*:*:*",
"matchCriteriaId": "2C024E1A-FD2C-42E8-B227-C2AFD3040436"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update5:*:*:*:*:*:*",
"matchCriteriaId": "4F24389D-DDD0-4204-AA24-31C920A4F47E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update51:*:*:*:*:*:*",
"matchCriteriaId": "966979BE-1F21-4729-B6B8-610F74648344"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update60:*:*:*:*:*:*",
"matchCriteriaId": "F8534265-33BF-460D-BF74-5F55FDE50F29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update65:*:*:*:*:*:*",
"matchCriteriaId": "F77AFC25-1466-4E56-9D5F-6988F3288E16"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update66:*:*:*:*:*:*",
"matchCriteriaId": "A650BEB8-E56F-4E42-9361-8D2DB083F0F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update71:*:*:*:*:*:*",
"matchCriteriaId": "799FFECD-E80A-44B3-953D-CDB5E195F3AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update72:*:*:*:*:*:*",
"matchCriteriaId": "A7047507-7CAF-4A14-AA9A-5CEF806EDE98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update73:*:*:*:*:*:*",
"matchCriteriaId": "CFC7B179-95D3-4F94-84F6-73F1034A1AF2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update74:*:*:*:*:*:*",
"matchCriteriaId": "9FB28526-9385-44CA-AF08-1899E6C3AE4D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update77:*:*:*:*:*:*",
"matchCriteriaId": "E26B69E4-0B43-415F-A82B-52FDCB262B3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update91:*:*:*:*:*:*",
"matchCriteriaId": "27BC4150-70EC-462B-8FC5-20B3442CBB31"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:8:update92:*:*:*:*:*:*",
"matchCriteriaId": "02646989-ECD9-40AE-A83E-EFF4080C69B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:openjdk:20:*:*:*:*:*:*:*",
"matchCriteriaId": "77172BC0-8637-41F6-AE3B-83006D6735DE"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20230427-0008/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2023.html",

55
CVE-2023/CVE-2023-223xx/CVE-2023-22348.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-22348",
"sourceIdentifier": "security@checkmk.com",
"published": "2023-05-17T16:15:09.110",
"lastModified": "2023-05-17T17:00:54.967",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Authorization in RestAPI in Checkmk GmbH's Checkmk versions <2.1.0p28 and <2.2.0b8 allows remote authenticated users to read arbitrary host_configs."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@checkmk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@checkmk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-285"
}
]
}
],
"references": [
{
"url": "https://checkmk.com/werk/13982",
"source": "security@checkmk.com"
}
]
}

101
CVE-2023/CVE-2023-235xx/CVE-2023-23578.json
View File

@ -2,39 +2,122 @@
"id": "CVE-2023-23578",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-05-10T06:15:11.430",
"lastModified": "2023-05-10T13:06:16.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-17T16:07:50.100",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper access control vulnerability in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier allows a remote unauthenticated attacker to connect to the product's ADB port."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:seiko-sol:skybridge_mb-a200_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "01.00.05",
"matchCriteriaId": "F23AF765-AF0C-48B7-A3DA-1A70A303C2D9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:seiko-sol:skybridge_mb-a200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45CE4F45-5595-47E3-9BD4-47EA3D4F6E0E"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/jp/JVN40604023/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.seiko-sol.co.jp/archives/73969/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}
]
}

129
CVE-2023/CVE-2023-239xx/CVE-2023-23901.json
View File

@ -2,39 +2,150 @@
"id": "CVE-2023-23901",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-05-10T06:15:11.727",
"lastModified": "2023-05-10T13:06:16.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-17T16:08:29.533",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper following of a certificate's chain of trust exists in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, and SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier, which may allow a remote unauthenticated attacker to eavesdrop on or alter the communication sent to the WebUI of the product."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:seiko-sol:skybridge_basic_mb-a130_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.4.1",
"matchCriteriaId": "F81B98BA-4C78-4798-B118-299B530081E6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:seiko-sol:skybridge_basic_mb-a130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCACF50-F197-41A7-934C-6BDBD043A560"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:seiko-sol:skybridge_mb-a200_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "01.00.05",
"matchCriteriaId": "F23AF765-AF0C-48B7-A3DA-1A70A303C2D9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:seiko-sol:skybridge_mb-a200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45CE4F45-5595-47E3-9BD4-47EA3D4F6E0E"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/jp/JVN40604023/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.seiko-sol.co.jp/archives/73969/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}
]
}

129
CVE-2023/CVE-2023-239xx/CVE-2023-23906.json
View File

@ -2,39 +2,150 @@
"id": "CVE-2023-23906",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-05-10T06:15:12.007",
"lastModified": "2023-05-10T13:06:16.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-17T16:51:00.670",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Missing authentication for critical function exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to execute some critical functions without authentication, e.g., rebooting the product."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:seiko-sol:skybridge_mb-a110_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.2.0",
"matchCriteriaId": "4B4E6633-A672-41D8-8BC7-8374EF2F59DC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:seiko-sol:skybridge_mb-a110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29D834FA-153B-4E9C-B88D-84BB86F3410C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:seiko-sol:skybridge_mb-a100_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.2.0",
"matchCriteriaId": "AD96E423-1212-411C-BC8D-78F3A3B6C27A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:seiko-sol:skybridge_mb-a100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1C62FA9-2A2F-4A29-95C7-3797623E9932"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/jp/JVN40604023/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.seiko-sol.co.jp/archives/73969/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}
]
}

129
CVE-2023/CVE-2023-245xx/CVE-2023-24586.json
View File

@ -2,39 +2,150 @@
"id": "CVE-2023-24586",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-05-10T06:15:12.310",
"lastModified": "2023-05-10T13:06:16.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-17T16:23:17.587",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cleartext storage of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote authenticated attacker to obtain an APN credential for the product."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-312"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:seiko-sol:skybridge_mb-a110_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.2.0",
"matchCriteriaId": "4B4E6633-A672-41D8-8BC7-8374EF2F59DC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:seiko-sol:skybridge_mb-a110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29D834FA-153B-4E9C-B88D-84BB86F3410C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:seiko-sol:skybridge_mb-a100_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.2.0",
"matchCriteriaId": "AD96E423-1212-411C-BC8D-78F3A3B6C27A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:seiko-sol:skybridge_mb-a100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1C62FA9-2A2F-4A29-95C7-3797623E9932"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/jp/JVN40604023/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.seiko-sol.co.jp/archives/73969/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}
]
}

6
CVE-2023/CVE-2023-24xx/CVE-2023-2479.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-2479",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-05-02T15:15:23.760",
"lastModified": "2023-05-09T18:48:53.560",
"lastModified": "2023-05-17T17:05:52.643",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -77,9 +77,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:appim:appium-desktop:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:appium:appium-desktop:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.22.3-4",
"matchCriteriaId": "5433D376-10A9-4706-A432-036DD89C5F89"
"matchCriteriaId": "28162FC6-3759-475D-AD57-A8F38BE6CB08"
}
]
}

129
CVE-2023/CVE-2023-250xx/CVE-2023-25070.json
View File

@ -2,39 +2,150 @@
"id": "CVE-2023-25070",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-05-10T06:15:12.497",
"lastModified": "2023-05-10T13:06:16.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-17T16:29:30.600",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cleartext transmission of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier. If the telnet connection is enabled, a remote unauthenticated attacker may eavesdrop on or alter the administrator's communication to the product."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-319"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:seiko-sol:skybridge_mb-a110_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.2.0",
"matchCriteriaId": "4B4E6633-A672-41D8-8BC7-8374EF2F59DC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:seiko-sol:skybridge_mb-a110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29D834FA-153B-4E9C-B88D-84BB86F3410C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:seiko-sol:skybridge_mb-a100_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.2.0",
"matchCriteriaId": "AD96E423-1212-411C-BC8D-78F3A3B6C27A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:seiko-sol:skybridge_mb-a100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1C62FA9-2A2F-4A29-95C7-3797623E9932"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/jp/JVN40604023/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.seiko-sol.co.jp/archives/73969/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}
]
}

129
CVE-2023/CVE-2023-250xx/CVE-2023-25072.json
View File

@ -2,39 +2,150 @@
"id": "CVE-2023-25072",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-05-10T06:15:13.030",
"lastModified": "2023-05-10T13:06:16.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-17T16:34:14.120",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to decrypt password for the WebUI of the product."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-521"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:seiko-sol:skybridge_mb-a110_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.2.0",
"matchCriteriaId": "4B4E6633-A672-41D8-8BC7-8374EF2F59DC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:seiko-sol:skybridge_mb-a110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29D834FA-153B-4E9C-B88D-84BB86F3410C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:seiko-sol:skybridge_mb-a100_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.2.0",
"matchCriteriaId": "AD96E423-1212-411C-BC8D-78F3A3B6C27A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:seiko-sol:skybridge_mb-a100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1C62FA9-2A2F-4A29-95C7-3797623E9932"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/jp/JVN40604023/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.seiko-sol.co.jp/archives/73969/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}
]
}

157
CVE-2023/CVE-2023-251xx/CVE-2023-25184.json
View File

@ -2,39 +2,178 @@
"id": "CVE-2023-25184",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-05-10T06:15:13.427",
"lastModified": "2023-05-10T13:06:16.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-17T16:35:08.930",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Use of weak credentials exists in Seiko Solutions SkyBridge and SkySpider series, which may allow a remote unauthenticated attacker to decrypt password for the WebUI of the product. Affected products and versions are as follows: SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier, and SkySpider MB-R210 firmware Ver. 1.01.00 and earlier."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-521"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:seiko-sol:skybridge_basic_mb-a130_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.4.1",
"matchCriteriaId": "F81B98BA-4C78-4798-B118-299B530081E6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:seiko-sol:skybridge_basic_mb-a130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCACF50-F197-41A7-934C-6BDBD043A560"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:seiko-sol:skybridge_mb-a200_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "01.00.05",
"matchCriteriaId": "F23AF765-AF0C-48B7-A3DA-1A70A303C2D9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:seiko-sol:skybridge_mb-a200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45CE4F45-5595-47E3-9BD4-47EA3D4F6E0E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:seiko-sol:skyspider_mb-r210_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.01.00",
"matchCriteriaId": "2A0B9CF9-E983-4C2B-B48E-DCD552079BE9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:seiko-sol:skyspider_mb-r210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7919E835-B10A-4B1A-8D42-0A49B36AEBE8"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/jp/JVN40604023/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.seiko-sol.co.jp/archives/73969/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}
]
}

55
CVE-2023/CVE-2023-26xx/CVE-2023-2629.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2629",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-05-10T16:15:10.660",
"lastModified": "2023-05-10T17:06:24.873",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-17T17:15:23.327",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pimcore:customer-data-framework:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.9",
"matchCriteriaId": "E0297967-D5F3-423C-B673-60697D285E62"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/pimcore/customer-data-framework/commit/4e0105c3a78d20686a0c010faef27d2297b98803",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/821ff465-4754-42d1-9376-813c17f16a01",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-26xx/CVE-2023-2679.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2679",
"sourceIdentifier": "security@snowsoftware.com",
"published": "2023-05-17T13:15:09.283",
"lastModified": "2023-05-17T13:15:09.283",
"vulnStatus": "Received",
"lastModified": "2023-05-17T17:00:54.967",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

68
CVE-2023/CVE-2023-279xx/CVE-2023-27919.json
View File

@ -2,23 +2,81 @@
"id": "CVE-2023-27919",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-05-10T06:15:14.753",
"lastModified": "2023-05-10T13:06:16.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-17T16:34:34.147",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Authentication bypass vulnerability in NEXT ENGINE Integration Plugin (for EC-CUBE 2.0 series) all versions allows a remote unauthenticated attacker to alter the information stored in the system."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:next-engine:next_engine_integration:*:*:*:*:*:ec-cube:*:*",
"matchCriteriaId": "56591E29-1C27-4BFD-9C5C-A24CCBF1B612"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/jp/JVN50862842/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://main.next-engine.com/Usernotice/detail?id=1054",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Permissions Required"
]
}
]
}

6
CVE-2023/CVE-2023-27xx/CVE-2023-2745.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-2745",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-05-17T09:15:10.303",
"lastModified": "2023-05-17T12:46:46.567",
"lastModified": "2023-05-17T17:15:17.267",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -47,6 +47,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/172426/WordPress-Core-6.2-XSS-CSRF-Directory-Traversal.html",
"source": "security@wordfence.com"
},
{
"url": "https://core.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=55765%40%2F&new=55765%40%2F&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"

88
CVE-2023/CVE-2023-27xx/CVE-2023-2765.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-2765",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-17T17:15:17.363",
"lastModified": "2023-05-17T17:15:17.363",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Weaver OA up to 9.5 and classified as problematic. This vulnerability affects unknown code of the file /E-mobile/App/System/File/downfile.php. The manipulation of the argument url leads to absolute path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-229270 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-36"
}
]
}
],
"references": [
{
"url": "https://github.com/eckert-lcc/cve/blob/main/Weaver%20oa.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.229270",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.229270",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-27xx/CVE-2023-2766.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-2766",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-17T17:15:17.443",
"lastModified": "2023-05-17T17:15:17.443",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Weaver OA 9.5 and classified as problematic. This issue affects some unknown processing of the file /building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini. The manipulation leads to files or directories accessible. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229271. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-552"
}
]
}
],
"references": [
{
"url": "https://github.com/8079048q/cve/blob/main/weaveroa.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.229271",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.229271",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-27xx/CVE-2023-2768.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-2768",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-17T17:15:17.523",
"lastModified": "2023-05-17T17:15:17.523",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Sucms 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file admin_ads.php?action=add. The manipulation of the argument intro leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-229274 is the identifier assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/Upgradeextension/Sucms-v1.0/blob/main/README.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.229274",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.229274",
"source": "cna@vuldb.com"
}
]
}

5
CVE-2023/CVE-2023-288xx/CVE-2023-28858.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-28858",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-26T19:15:06.780",
"lastModified": "2023-04-05T18:37:34.083",
"lastModified": "2023-05-17T17:07:38.017",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -56,8 +56,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redis:redis-py:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.2.0",
"versionEndExcluding": "4.3.6",
"matchCriteriaId": "69637424-9476-4061-AE94-3850C9B74C17"
"matchCriteriaId": "01B96893-5078-47C0-A2F2-D1039A45152D"
},
{
"vulnerable": true,

14
CVE-2023/CVE-2023-288xx/CVE-2023-28859.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-28859",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-26T19:15:06.850",
"lastModified": "2023-04-05T19:06:45.993",
"lastModified": "2023-05-17T17:08:20.883",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -56,8 +56,16 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redis:redis-py:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.5.3",
"matchCriteriaId": "8C34EEDA-921E-4849-A623-07D5539800A8"
"versionStartIncluding": "4.2.0",
"versionEndExcluding": "4.4.4",
"matchCriteriaId": "8BF5D290-49BC-4C70-B801-9DCE97070663"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redis:redis-py:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.5.0",
"versionEndExcluding": "4.5.4",
"matchCriteriaId": "39E01CD5-9AC0-46ED-A952-1EAD9FBFC930"
}
]
}

4
CVE-2023/CVE-2023-304xx/CVE-2023-30438.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30438",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-17T13:15:09.380",
"lastModified": "2023-05-17T13:15:09.380",
"vulnStatus": "Received",
"lastModified": "2023-05-17T17:00:54.967",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

64
CVE-2023/CVE-2023-307xx/CVE-2023-30777.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30777",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-10T06:15:18.520",
"lastModified": "2023-05-10T13:06:16.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-17T16:42:11.797",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,18 +66,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:advancedcustomfields:advanced_custom_fields:*:*:*:*:-:wordpress:*:*",
"versionEndExcluding": "6.1.6",
"matchCriteriaId": "DF442F23-84C4-4F1C-AD3F-5A0F23ED7734"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:advancedcustomfields:advanced_custom_fields:*:*:*:*:pro:wordpress:*:*",
"versionEndExcluding": "6.1.6",
"matchCriteriaId": "84B537B5-130F-4A63-B97E-FDF0C1909C24"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/articles/reflected-xss-in-advanced-custom-fields-plugins-affecting-2-million-sites?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://patchstack.com/database/vulnerability/advanced-custom-fields-pro/wordpress-advanced-custom-fields-pro-plugin-6-1-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://patchstack.com/database/vulnerability/advanced-custom-fields/wordpress-advanced-custom-fields-plugin-6-1-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

336
CVE-2023/CVE-2023-311xx/CVE-2023-31153.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31153",
"sourceIdentifier": "security@selinc.com",
"published": "2023-05-10T20:15:10.343",
"lastModified": "2023-05-11T13:36:30.643",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-17T16:59:05.747",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@selinc.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@selinc.com",
"type": "Secondary",
@ -46,14 +76,312 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:selinc:sel-2241_rtac_module_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r113-v0",
"versionEndExcluding": "r150-v2",
"matchCriteriaId": "92EC2190-5E06-429E-A06A-76571E7ED430"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:selinc:sel-2241_rtac_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4A1AB9-1190-4620-BF97-4A5569E74310"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:selinc:sel-3350_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r148-v0",
"versionEndExcluding": "r150-v2",
"matchCriteriaId": "490EC90A-C8C4-4AEA-90E8-DA1C6D11932C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:selinc:sel-3350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA7F410-7F74-4EF1-913E-7B34674716DC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:selinc:sel-3505_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r119-v0",
"versionEndExcluding": "r150-v2",
"matchCriteriaId": "2161BCBC-6892-47E6-9A9F-0A82F0AA6A92"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:selinc:sel-3505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14D78E73-46F2-4D00-A75B-909752E36EB4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:selinc:sel-3505-3_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r132-v0",
"versionEndExcluding": "r150-v2",
"matchCriteriaId": "39E788ED-56DC-455E-B907-9DA7ED359CB9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:selinc:sel-3505-3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A479C2B-F691-4E04-B551-9F631E5A2A0F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:selinc:sel-3530_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r109-v0",
"versionEndExcluding": "r150-v2",
"matchCriteriaId": "0BF61241-5DC9-4CC8-8864-194FAE36F456"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:selinc:sel-3530:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E56BC08-9C49-4614-8F52-3413B804A128"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:selinc:sel-3530-4_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r109-v0",
"versionEndExcluding": "r150-v2",
"matchCriteriaId": "CAEC2354-33FF-4266-9648-BA165747EECE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:selinc:sel-3530-4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB424E1B-2AE3-449E-9AA1-2AF48C1920FB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:selinc:sel-3532_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r132-v0",
"versionEndExcluding": "r150-v2",
"matchCriteriaId": "A9982B6A-2CED-4EF4-946D-E4B8A8CE3935"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:selinc:sel-3532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E573857F-C6DC-4E59-8F5B-4C51ED4D69DB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:selinc:sel-3555_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r134-v0",
"versionEndExcluding": "r150-v2",
"matchCriteriaId": "9333068D-CE59-4644-879F-A1B29D07C26B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:selinc:sel-3555:-:*:*:*:*:*:*:*",
"matchCriteriaId": "282F6DB1-4B0F-424F-B5E4-0827F1E7EE6F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:selinc:sel-3560e_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r144-v2",
"versionEndExcluding": "r150-v2",
"matchCriteriaId": "9BF86940-89E4-4D3C-B51D-CF189B8B20A3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:selinc:sel-3560e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3EB8694-DC56-4E35-9659-B2787F872E08"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:selinc:sel-3560s_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r144-v2",
"versionEndExcluding": "r150-v2",
"matchCriteriaId": "28EAFD3D-1697-42BA-941E-2970A1177302"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:selinc:sel-3560s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9D2A4A4-B81E-4034-863D-900D95166543"
}
]
}
]
}
],
"references": [
{
"url": "https://selinc.com/support/security-notifications/external-reports/",
"source": "security@selinc.com"
"source": "security@selinc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.nozominetworks.com/blog/",
"source": "security@selinc.com"
"source": "security@selinc.com",
"tags": [
"Third Party Advisory"
]
}
]
}

336
CVE-2023/CVE-2023-311xx/CVE-2023-31154.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31154",
"sourceIdentifier": "security@selinc.com",
"published": "2023-05-10T20:15:10.443",
"lastModified": "2023-05-11T13:36:30.643",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-17T16:51:43.877",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@selinc.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@selinc.com",
"type": "Secondary",
@ -46,14 +76,312 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:selinc:sel-2241_rtac_module_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r132-v0",
"versionEndExcluding": "r150-v2",
"matchCriteriaId": "5D2D202A-9B85-4BA0-8FE4-A6F71F369E8D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:selinc:sel-2241_rtac_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4A1AB9-1190-4620-BF97-4A5569E74310"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:selinc:sel-3350_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r148-v0",
"versionEndExcluding": "r150-v2",
"matchCriteriaId": "490EC90A-C8C4-4AEA-90E8-DA1C6D11932C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:selinc:sel-3350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA7F410-7F74-4EF1-913E-7B34674716DC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:selinc:sel-3505_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r132-v0",
"versionEndExcluding": "r150-v2",
"matchCriteriaId": "65D15943-DDAB-446D-9179-CEEEF7EDA5BA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:selinc:sel-3505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14D78E73-46F2-4D00-A75B-909752E36EB4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:selinc:sel-3505-3_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r132-v0",
"versionEndExcluding": "r150-v2",
"matchCriteriaId": "39E788ED-56DC-455E-B907-9DA7ED359CB9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:selinc:sel-3505-3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A479C2B-F691-4E04-B551-9F631E5A2A0F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:selinc:sel-3530_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r132-v0",
"versionEndExcluding": "r150-v2",
"matchCriteriaId": "B4821D90-2614-48D3-AFFC-B65C94E8968C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:selinc:sel-3530:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E56BC08-9C49-4614-8F52-3413B804A128"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:selinc:sel-3530-4_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r132-v0",
"versionEndExcluding": "r150-v2",
"matchCriteriaId": "0E6F4CFF-173F-4B68-8296-6F3713F98460"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:selinc:sel-3530-4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB424E1B-2AE3-449E-9AA1-2AF48C1920FB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:selinc:sel-3532_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r132-v0",
"versionEndExcluding": "r150-v2",
"matchCriteriaId": "A9982B6A-2CED-4EF4-946D-E4B8A8CE3935"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:selinc:sel-3532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E573857F-C6DC-4E59-8F5B-4C51ED4D69DB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:selinc:sel-3555_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r134-v0",
"versionEndExcluding": "r150-v2",
"matchCriteriaId": "9333068D-CE59-4644-879F-A1B29D07C26B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:selinc:sel-3555:-:*:*:*:*:*:*:*",
"matchCriteriaId": "282F6DB1-4B0F-424F-B5E4-0827F1E7EE6F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:selinc:sel-3560e_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r144-v2",
"versionEndExcluding": "r150-v2",
"matchCriteriaId": "9BF86940-89E4-4D3C-B51D-CF189B8B20A3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:selinc:sel-3560e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3EB8694-DC56-4E35-9659-B2787F872E08"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:selinc:sel-3560s_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r144-v2",
"versionEndExcluding": "r150-v2",
"matchCriteriaId": "28EAFD3D-1697-42BA-941E-2970A1177302"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:selinc:sel-3560s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9D2A4A4-B81E-4034-863D-900D95166543"
}
]
}
]
}
],
"references": [
{
"url": "https://selinc.com/support/security-notifications/external-reports/",
"source": "security@selinc.com"
"source": "security@selinc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.nozominetworks.com/blog/",
"source": "security@selinc.com"
"source": "security@selinc.com",
"tags": [
"Third Party Advisory"
]
}
]
}

Some files were not shown because too many files have changed in this diff Show More