From eb254268dcd744ef6f4c4ae691953cb22329777a Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Wed, 17 May 2023 18:00:39 +0000 Subject: [PATCH] Auto-Update: 2023-05-17 18:00:35.205182+00:00 --- CVE-2022/CVE-2022-220xx/CVE-2022-22022.json | 19 +- CVE-2022/CVE-2022-220xx/CVE-2022-22023.json | 14 +- CVE-2022/CVE-2022-220xx/CVE-2022-22024.json | 14 +- CVE-2022/CVE-2022-220xx/CVE-2022-22025.json | 14 +- CVE-2022/CVE-2022-220xx/CVE-2022-22026.json | 23 +- CVE-2022/CVE-2022-220xx/CVE-2022-22027.json | 14 +- CVE-2022/CVE-2022-220xx/CVE-2022-22028.json | 14 +- CVE-2022/CVE-2022-220xx/CVE-2022-22029.json | 15 +- CVE-2022/CVE-2022-220xx/CVE-2022-22034.json | 14 +- CVE-2022/CVE-2022-220xx/CVE-2022-22036.json | 14 +- CVE-2022/CVE-2022-220xx/CVE-2022-22037.json | 14 +- CVE-2022/CVE-2022-220xx/CVE-2022-22038.json | 14 +- CVE-2022/CVE-2022-220xx/CVE-2022-22039.json | 14 +- CVE-2022/CVE-2022-220xx/CVE-2022-22040.json | 14 +- CVE-2022/CVE-2022-220xx/CVE-2022-22041.json | 19 +- CVE-2022/CVE-2022-220xx/CVE-2022-22042.json | 14 +- CVE-2022/CVE-2022-220xx/CVE-2022-22043.json | 14 +- CVE-2022/CVE-2022-220xx/CVE-2022-22045.json | 14 +- CVE-2022/CVE-2022-220xx/CVE-2022-22047.json | 14 +- CVE-2022/CVE-2022-220xx/CVE-2022-22048.json | 14 +- CVE-2022/CVE-2022-220xx/CVE-2022-22049.json | 23 +- CVE-2022/CVE-2022-220xx/CVE-2022-22050.json | 14 +- CVE-2022/CVE-2022-301xx/CVE-2022-30181.json | 14 +- CVE-2022/CVE-2022-301xx/CVE-2022-30187.json | 14 +- CVE-2022/CVE-2022-302xx/CVE-2022-30202.json | 14 +- CVE-2022/CVE-2022-302xx/CVE-2022-30203.json | 14 +- CVE-2022/CVE-2022-302xx/CVE-2022-30205.json | 14 +- CVE-2022/CVE-2022-302xx/CVE-2022-30206.json | 15 +- CVE-2022/CVE-2022-302xx/CVE-2022-30208.json | 14 +- CVE-2022/CVE-2022-302xx/CVE-2022-30209.json | 14 +- CVE-2022/CVE-2022-302xx/CVE-2022-30211.json | 18 +- CVE-2022/CVE-2022-302xx/CVE-2022-30212.json | 14 +- CVE-2022/CVE-2022-302xx/CVE-2022-30213.json | 14 +- CVE-2022/CVE-2022-302xx/CVE-2022-30214.json | 14 +- CVE-2022/CVE-2022-302xx/CVE-2022-30215.json | 14 +- CVE-2022/CVE-2022-302xx/CVE-2022-30216.json | 14 +- CVE-2022/CVE-2022-302xx/CVE-2022-30220.json | 14 +- CVE-2022/CVE-2022-302xx/CVE-2022-30221.json | 14 +- CVE-2022/CVE-2022-302xx/CVE-2022-30222.json | 15 +- CVE-2022/CVE-2022-302xx/CVE-2022-30223.json | 14 +- CVE-2022/CVE-2022-302xx/CVE-2022-30224.json | 14 +- CVE-2022/CVE-2022-302xx/CVE-2022-30225.json | 14 +- CVE-2022/CVE-2022-302xx/CVE-2022-30226.json | 15 +- CVE-2022/CVE-2022-336xx/CVE-2022-33633.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33637.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33641.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33642.json | 18 +- CVE-2022/CVE-2022-336xx/CVE-2022-33643.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33650.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33651.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33652.json | 24 +- CVE-2022/CVE-2022-336xx/CVE-2022-33653.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33654.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33655.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33656.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33657.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33658.json | 24 +- CVE-2022/CVE-2022-336xx/CVE-2022-33659.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33660.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33661.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33662.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33663.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33664.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33665.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33666.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33667.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33668.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33669.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33671.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33672.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33673.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33674.json | 56 +- CVE-2022/CVE-2022-336xx/CVE-2022-33675.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33676.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33677.json | 14 +- CVE-2022/CVE-2022-336xx/CVE-2022-33678.json | 14 +- CVE-2023/CVE-2023-17xx/CVE-2023-1732.json | 57 +- CVE-2023/CVE-2023-219xx/CVE-2023-21968.json | 394 +++++++- CVE-2023/CVE-2023-223xx/CVE-2023-22348.json | 55 ++ CVE-2023/CVE-2023-235xx/CVE-2023-23578.json | 101 ++- CVE-2023/CVE-2023-239xx/CVE-2023-23901.json | 129 ++- CVE-2023/CVE-2023-239xx/CVE-2023-23906.json | 129 ++- CVE-2023/CVE-2023-245xx/CVE-2023-24586.json | 129 ++- CVE-2023/CVE-2023-24xx/CVE-2023-2479.json | 6 +- CVE-2023/CVE-2023-250xx/CVE-2023-25070.json | 129 ++- CVE-2023/CVE-2023-250xx/CVE-2023-25072.json | 129 ++- CVE-2023/CVE-2023-251xx/CVE-2023-25184.json | 157 +++- CVE-2023/CVE-2023-26xx/CVE-2023-2629.json | 55 +- CVE-2023/CVE-2023-26xx/CVE-2023-2679.json | 4 +- CVE-2023/CVE-2023-279xx/CVE-2023-27919.json | 68 +- CVE-2023/CVE-2023-27xx/CVE-2023-2745.json | 6 +- CVE-2023/CVE-2023-27xx/CVE-2023-2765.json | 88 ++ CVE-2023/CVE-2023-27xx/CVE-2023-2766.json | 88 ++ CVE-2023/CVE-2023-27xx/CVE-2023-2768.json | 88 ++ CVE-2023/CVE-2023-288xx/CVE-2023-28858.json | 5 +- CVE-2023/CVE-2023-288xx/CVE-2023-28859.json | 14 +- CVE-2023/CVE-2023-304xx/CVE-2023-30438.json | 4 +- CVE-2023/CVE-2023-307xx/CVE-2023-30777.json | 64 +- CVE-2023/CVE-2023-311xx/CVE-2023-31153.json | 336 ++++++- CVE-2023/CVE-2023-311xx/CVE-2023-31154.json | 336 ++++++- CVE-2023/CVE-2023-311xx/CVE-2023-31155.json | 336 ++++++- CVE-2023/CVE-2023-311xx/CVE-2023-31156.json | 336 ++++++- CVE-2023/CVE-2023-311xx/CVE-2023-31157.json | 336 ++++++- CVE-2023/CVE-2023-311xx/CVE-2023-31158.json | 336 ++++++- CVE-2023/CVE-2023-311xx/CVE-2023-31163.json | 336 ++++++- CVE-2023/CVE-2023-311xx/CVE-2023-31164.json | 336 ++++++- CVE-2023/CVE-2023-311xx/CVE-2023-31165.json | 336 ++++++- CVE-2023/CVE-2023-311xx/CVE-2023-31166.json | 336 ++++++- CVE-2023/CVE-2023-314xx/CVE-2023-31478.json | 951 +++++++++++++++++++- CVE-2023/CVE-2023-315xx/CVE-2023-31554.json | 63 +- CVE-2023/CVE-2023-316xx/CVE-2023-31698.json | 4 +- CVE-2023/CVE-2023-316xx/CVE-2023-31699.json | 4 +- CVE-2023/CVE-2023-317xx/CVE-2023-31700.json | 4 +- CVE-2023/CVE-2023-317xx/CVE-2023-31701.json | 4 +- CVE-2023/CVE-2023-317xx/CVE-2023-31702.json | 4 +- CVE-2023/CVE-2023-317xx/CVE-2023-31703.json | 4 +- CVE-2023/CVE-2023-317xx/CVE-2023-31722.json | 4 +- CVE-2023/CVE-2023-317xx/CVE-2023-31723.json | 4 +- CVE-2023/CVE-2023-317xx/CVE-2023-31724.json | 4 +- CVE-2023/CVE-2023-317xx/CVE-2023-31725.json | 4 +- CVE-2023/CVE-2023-319xx/CVE-2023-31902.json | 4 +- CVE-2023/CVE-2023-319xx/CVE-2023-31903.json | 4 +- CVE-2023/CVE-2023-319xx/CVE-2023-31904.json | 4 +- CVE-2023/CVE-2023-319xx/CVE-2023-31908.json | 65 +- CVE-2023/CVE-2023-319xx/CVE-2023-31910.json | 65 +- CVE-2023/CVE-2023-325xx/CVE-2023-32573.json | 78 +- README.md | 54 +- 127 files changed, 6803 insertions(+), 950 deletions(-) create mode 100644 CVE-2023/CVE-2023-223xx/CVE-2023-22348.json create mode 100644 CVE-2023/CVE-2023-27xx/CVE-2023-2765.json create mode 100644 CVE-2023/CVE-2023-27xx/CVE-2023-2766.json create mode 100644 CVE-2023/CVE-2023-27xx/CVE-2023-2768.json diff --git a/CVE-2022/CVE-2022-220xx/CVE-2022-22022.json b/CVE-2022/CVE-2022-220xx/CVE-2022-22022.json index 43537ad47b7..48963ec20c9 100644 --- a/CVE-2022/CVE-2022-220xx/CVE-2022-22022.json +++ b/CVE-2022/CVE-2022-220xx/CVE-2022-22022.json @@ -2,12 +2,12 @@ "id": "CVE-2022-22022", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:08.927", - "lastModified": "2022-07-16T13:21:20.167", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:10.977", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22041, CVE-2022-30206, CVE-2022-30226." + "value": "Windows Print Spooler Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.2 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -254,13 +254,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22022", - "source": "secure@microsoft.com", - "tags": [ - "Mitigation", - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22022", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-220xx/CVE-2022-22023.json b/CVE-2022/CVE-2022-220xx/CVE-2022-22023.json index 55915c8e573..9d7fb630fdb 100644 --- a/CVE-2022/CVE-2022-220xx/CVE-2022-22023.json +++ b/CVE-2022/CVE-2022-220xx/CVE-2022-22023.json @@ -2,12 +2,12 @@ "id": "CVE-2022-22023", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:09.013", - "lastModified": "2022-07-16T13:30:47.310", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:11.130", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability." + "value": "Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability" }, { "lang": "es", @@ -234,12 +234,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22023", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22023", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-220xx/CVE-2022-22024.json b/CVE-2022/CVE-2022-220xx/CVE-2022-22024.json index 80141619480..909f8170ff2 100644 --- a/CVE-2022/CVE-2022-220xx/CVE-2022-22024.json +++ b/CVE-2022/CVE-2022-220xx/CVE-2022-22024.json @@ -2,12 +2,12 @@ "id": "CVE-2022-22024", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:09.083", - "lastModified": "2022-07-16T13:17:26.577", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:11.213", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Fax Service Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22027." + "value": "Windows Fax Service Remote Code Execution Vulnerability" }, { "lang": "es", @@ -234,12 +234,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22024", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22024", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-220xx/CVE-2022-22025.json b/CVE-2022/CVE-2022-220xx/CVE-2022-22025.json index 905e0df6072..5ee853a0d2a 100644 --- a/CVE-2022/CVE-2022-220xx/CVE-2022-22025.json +++ b/CVE-2022/CVE-2022-220xx/CVE-2022-22025.json @@ -2,12 +2,12 @@ "id": "CVE-2022-22025", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:09.183", - "lastModified": "2022-07-16T13:11:25.703", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:11.293", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Internet Information Services Cachuri Module Denial of Service Vulnerability." + "value": "Windows Internet Information Services Cachuri Module Denial of Service Vulnerability" }, { "lang": "es", @@ -234,12 +234,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22025", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22025", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-220xx/CVE-2022-22026.json b/CVE-2022/CVE-2022-220xx/CVE-2022-22026.json index a6e260980f7..6fab87d9fdb 100644 --- a/CVE-2022/CVE-2022-220xx/CVE-2022-22026.json +++ b/CVE-2022/CVE-2022-220xx/CVE-2022-22026.json @@ -2,12 +2,12 @@ "id": "CVE-2022-22026", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:09.253", - "lastModified": "2022-09-28T19:58:11.487", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:11.380", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22047, CVE-2022-22049." + "value": "Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -249,21 +249,8 @@ ], "references": [ { - "url": "http://packetstormsecurity.com/files/168068/Windows-sxs-CNodeFactory-XMLParser_Element_doc_assembly_assemblyIdentity-Heap-Buffer-Overflow.html", - "source": "secure@microsoft.com", - "tags": [ - "Exploit", - "Third Party Advisory", - "VDB Entry" - ] - }, - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22026", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22026", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-220xx/CVE-2022-22027.json b/CVE-2022/CVE-2022-220xx/CVE-2022-22027.json index 3d78ff31fd3..963796acba3 100644 --- a/CVE-2022/CVE-2022-220xx/CVE-2022-22027.json +++ b/CVE-2022/CVE-2022-220xx/CVE-2022-22027.json @@ -2,12 +2,12 @@ "id": "CVE-2022-22027", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:09.317", - "lastModified": "2022-07-16T18:53:37.457", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:11.473", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Fax Service Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22024." + "value": "Windows Fax Service Remote Code Execution Vulnerability" }, { "lang": "es", @@ -249,12 +249,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22027", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22027", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-220xx/CVE-2022-22028.json b/CVE-2022/CVE-2022-220xx/CVE-2022-22028.json index feb8fb2e960..bd50a017fe0 100644 --- a/CVE-2022/CVE-2022-220xx/CVE-2022-22028.json +++ b/CVE-2022/CVE-2022-220xx/CVE-2022-22028.json @@ -2,12 +2,12 @@ "id": "CVE-2022-22028", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:09.380", - "lastModified": "2022-07-16T18:55:09.063", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:11.557", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Network File System Information Disclosure Vulnerability." + "value": "Windows Network File System Information Disclosure Vulnerability" }, { "lang": "es", @@ -134,12 +134,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22028", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22028", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-220xx/CVE-2022-22029.json b/CVE-2022/CVE-2022-220xx/CVE-2022-22029.json index 81d823a2d48..00ad9f33fb2 100644 --- a/CVE-2022/CVE-2022-220xx/CVE-2022-22029.json +++ b/CVE-2022/CVE-2022-220xx/CVE-2022-22029.json @@ -2,12 +2,12 @@ "id": "CVE-2022-22029", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:09.447", - "lastModified": "2022-07-16T18:56:23.997", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:11.637", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Network File System Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22039." + "value": "Windows Network File System Remote Code Execution Vulnerability" }, { "lang": "es", @@ -134,13 +134,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22029", - "source": "secure@microsoft.com", - "tags": [ - "Mitigation", - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22029", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-220xx/CVE-2022-22034.json b/CVE-2022/CVE-2022-220xx/CVE-2022-22034.json index 9fdf3b59433..8bddc9cfc83 100644 --- a/CVE-2022/CVE-2022-220xx/CVE-2022-22034.json +++ b/CVE-2022/CVE-2022-220xx/CVE-2022-22034.json @@ -2,12 +2,12 @@ "id": "CVE-2022-22034", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:09.567", - "lastModified": "2022-07-16T18:59:32.720", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:11.720", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Graphics Component Elevation of Privilege Vulnerability." + "value": "Windows Graphics Component Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -249,12 +249,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22034", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22034", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-220xx/CVE-2022-22036.json b/CVE-2022/CVE-2022-220xx/CVE-2022-22036.json index 879da95745b..d3eddab5736 100644 --- a/CVE-2022/CVE-2022-220xx/CVE-2022-22036.json +++ b/CVE-2022/CVE-2022-220xx/CVE-2022-22036.json @@ -2,12 +2,12 @@ "id": "CVE-2022-22036", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:09.627", - "lastModified": "2022-07-16T19:01:17.800", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:11.803", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Performance Counters for Windows Elevation of Privilege Vulnerability." + "value": "Performance Counters for Windows Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -239,12 +239,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22036", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22036", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-220xx/CVE-2022-22037.json b/CVE-2022/CVE-2022-220xx/CVE-2022-22037.json index 1534bac1ffb..86fc4353fe7 100644 --- a/CVE-2022/CVE-2022-220xx/CVE-2022-22037.json +++ b/CVE-2022/CVE-2022-220xx/CVE-2022-22037.json @@ -2,12 +2,12 @@ "id": "CVE-2022-22037", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:09.687", - "lastModified": "2022-07-16T19:03:55.827", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:11.883", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30202, CVE-2022-30224." + "value": "Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -249,12 +249,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22037", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22037", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-220xx/CVE-2022-22038.json b/CVE-2022/CVE-2022-220xx/CVE-2022-22038.json index 4ce6db272ed..eaad5534f7a 100644 --- a/CVE-2022/CVE-2022-220xx/CVE-2022-22038.json +++ b/CVE-2022/CVE-2022-220xx/CVE-2022-22038.json @@ -2,12 +2,12 @@ "id": "CVE-2022-22038", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:09.747", - "lastModified": "2022-07-16T19:06:59.827", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:11.957", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Remote Procedure Call Runtime Remote Code Execution Vulnerability." + "value": "Remote Procedure Call Runtime Remote Code Execution Vulnerability" }, { "lang": "es", @@ -219,12 +219,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22038", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22038", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-220xx/CVE-2022-22039.json b/CVE-2022/CVE-2022-220xx/CVE-2022-22039.json index 20ccf59efe0..caf12a088c4 100644 --- a/CVE-2022/CVE-2022-220xx/CVE-2022-22039.json +++ b/CVE-2022/CVE-2022-220xx/CVE-2022-22039.json @@ -2,12 +2,12 @@ "id": "CVE-2022-22039", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:09.807", - "lastModified": "2022-07-16T19:08:59.693", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:12.033", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Network File System Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22029." + "value": "Windows Network File System Remote Code Execution Vulnerability" }, { "lang": "es", @@ -134,12 +134,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22039", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22039", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-220xx/CVE-2022-22040.json b/CVE-2022/CVE-2022-220xx/CVE-2022-22040.json index ab5a817c7c9..b53148a675a 100644 --- a/CVE-2022/CVE-2022-220xx/CVE-2022-22040.json +++ b/CVE-2022/CVE-2022-220xx/CVE-2022-22040.json @@ -2,12 +2,12 @@ "id": "CVE-2022-22040", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:09.867", - "lastModified": "2022-07-16T19:12:29.813", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:12.107", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Internet Information Services Dynamic Compression Module Denial of Service Vulnerability." + "value": "Internet Information Services Dynamic Compression Module Denial of Service Vulnerability" }, { "lang": "es", @@ -249,12 +249,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22040", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22040", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-220xx/CVE-2022-22041.json b/CVE-2022/CVE-2022-220xx/CVE-2022-22041.json index 13d80b4bff8..afcbc445bcf 100644 --- a/CVE-2022/CVE-2022-220xx/CVE-2022-22041.json +++ b/CVE-2022/CVE-2022-220xx/CVE-2022-22041.json @@ -2,12 +2,12 @@ "id": "CVE-2022-22041", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:09.927", - "lastModified": "2022-09-22T19:04:58.170", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:12.183", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22022, CVE-2022-30206, CVE-2022-30226." + "value": "Windows Print Spooler Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -244,13 +244,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22041", - "source": "secure@microsoft.com", - "tags": [ - "Mitigation", - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22041", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-220xx/CVE-2022-22042.json b/CVE-2022/CVE-2022-220xx/CVE-2022-22042.json index cf07da3b472..b1e15adefbe 100644 --- a/CVE-2022/CVE-2022-220xx/CVE-2022-22042.json +++ b/CVE-2022/CVE-2022-220xx/CVE-2022-22042.json @@ -2,12 +2,12 @@ "id": "CVE-2022-22042", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:09.987", - "lastModified": "2022-07-16T13:54:41.787", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:12.270", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Hyper-V Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30223." + "value": "Windows Hyper-V Information Disclosure Vulnerability" }, { "lang": "es", @@ -169,12 +169,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22042", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22042", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-220xx/CVE-2022-22043.json b/CVE-2022/CVE-2022-220xx/CVE-2022-22043.json index 32bb3d8a759..59948d0c5b1 100644 --- a/CVE-2022/CVE-2022-220xx/CVE-2022-22043.json +++ b/CVE-2022/CVE-2022-220xx/CVE-2022-22043.json @@ -2,12 +2,12 @@ "id": "CVE-2022-22043", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:10.053", - "lastModified": "2022-07-16T14:00:48.863", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:12.337", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Fast FAT File System Driver Elevation of Privilege Vulnerability." + "value": "Windows Fast FAT File System Driver Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -249,12 +249,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22043", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22043", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-220xx/CVE-2022-22045.json b/CVE-2022/CVE-2022-220xx/CVE-2022-22045.json index 47e7be58d8d..337539110ac 100644 --- a/CVE-2022/CVE-2022-220xx/CVE-2022-22045.json +++ b/CVE-2022/CVE-2022-220xx/CVE-2022-22045.json @@ -2,12 +2,12 @@ "id": "CVE-2022-22045", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:10.160", - "lastModified": "2022-07-16T13:52:37.010", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:12.407", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows.Devices.Picker.dll Elevation of Privilege Vulnerability." + "value": "Windows.Devices.Picker.dll Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -199,12 +199,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22045", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22045", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-220xx/CVE-2022-22047.json b/CVE-2022/CVE-2022-220xx/CVE-2022-22047.json index ece384cd3b5..54046e2d65d 100644 --- a/CVE-2022/CVE-2022-220xx/CVE-2022-22047.json +++ b/CVE-2022/CVE-2022-220xx/CVE-2022-22047.json @@ -2,8 +2,8 @@ "id": "CVE-2022-22047", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:10.343", - "lastModified": "2022-07-16T13:50:40.683", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:12.490", + "vulnStatus": "Modified", "cisaExploitAdd": "2022-07-12", "cisaActionDue": "2022-08-02", "cisaRequiredAction": "Apply updates per vendor instructions.", @@ -11,7 +11,7 @@ "descriptions": [ { "lang": "en", - "value": "Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22026, CVE-2022-22049." + "value": "Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -253,12 +253,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22047", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22047", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-220xx/CVE-2022-22048.json b/CVE-2022/CVE-2022-220xx/CVE-2022-22048.json index 0d80f5d9e56..aeb08a339f4 100644 --- a/CVE-2022/CVE-2022-220xx/CVE-2022-22048.json +++ b/CVE-2022/CVE-2022-220xx/CVE-2022-22048.json @@ -2,12 +2,12 @@ "id": "CVE-2022-22048", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:10.503", - "lastModified": "2022-07-19T12:02:51.530", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:12.583", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "BitLocker Security Feature Bypass Vulnerability." + "value": "BitLocker Security Feature Bypass Vulnerability" }, { "lang": "es", @@ -269,12 +269,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22048", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22048", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-220xx/CVE-2022-22049.json b/CVE-2022/CVE-2022-220xx/CVE-2022-22049.json index 720f8fab03c..3ca02fff9c6 100644 --- a/CVE-2022/CVE-2022-220xx/CVE-2022-22049.json +++ b/CVE-2022/CVE-2022-220xx/CVE-2022-22049.json @@ -2,12 +2,12 @@ "id": "CVE-2022-22049", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:10.683", - "lastModified": "2022-09-28T19:58:28.877", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:12.677", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22026, CVE-2022-22047." + "value": "Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -269,21 +269,8 @@ ], "references": [ { - "url": "http://packetstormsecurity.com/files/168069/Windows-sxssrv-BaseSrvActivationContextCacheDuplicateUnicodeString-Heap-Buffer-Overflow.html", - "source": "secure@microsoft.com", - "tags": [ - "Exploit", - "Third Party Advisory", - "VDB Entry" - ] - }, - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22049", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22049", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-220xx/CVE-2022-22050.json b/CVE-2022/CVE-2022-220xx/CVE-2022-22050.json index 7b4700ffa85..b81a87f7c16 100644 --- a/CVE-2022/CVE-2022-220xx/CVE-2022-22050.json +++ b/CVE-2022/CVE-2022-220xx/CVE-2022-22050.json @@ -2,12 +2,12 @@ "id": "CVE-2022-22050", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:10.747", - "lastModified": "2022-07-19T12:24:41.713", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:12.757", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Fax Service Elevation of Privilege Vulnerability." + "value": "Windows Fax Service Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -269,12 +269,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22050", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22050", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-301xx/CVE-2022-30181.json b/CVE-2022/CVE-2022-301xx/CVE-2022-30181.json index 167e9ca5c6d..f1a97cefb47 100644 --- a/CVE-2022/CVE-2022-301xx/CVE-2022-30181.json +++ b/CVE-2022/CVE-2022-301xx/CVE-2022-30181.json @@ -2,12 +2,12 @@ "id": "CVE-2022-30181", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:10.907", - "lastModified": "2022-07-20T15:50:01.020", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:12.843", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30181", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30181", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-301xx/CVE-2022-30187.json b/CVE-2022/CVE-2022-301xx/CVE-2022-30187.json index 14ac71d539d..9072f9dd38b 100644 --- a/CVE-2022/CVE-2022-301xx/CVE-2022-30187.json +++ b/CVE-2022/CVE-2022-301xx/CVE-2022-30187.json @@ -2,12 +2,12 @@ "id": "CVE-2022-30187", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:10.960", - "lastModified": "2022-07-19T17:50:43.687", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:12.920", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Storage Library Information Disclosure Vulnerability." + "value": "Azure Storage Library Information Disclosure Vulnerability" }, { "lang": "es", @@ -119,12 +119,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30187", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30187", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-302xx/CVE-2022-30202.json b/CVE-2022/CVE-2022-302xx/CVE-2022-30202.json index 0bb951ec9a2..c514dbb5c33 100644 --- a/CVE-2022/CVE-2022-302xx/CVE-2022-30202.json +++ b/CVE-2022/CVE-2022-302xx/CVE-2022-30202.json @@ -2,12 +2,12 @@ "id": "CVE-2022-30202", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:11.013", - "lastModified": "2022-07-20T15:36:22.470", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:12.997", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22037, CVE-2022-30224." + "value": "Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -249,12 +249,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30202", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30202", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-302xx/CVE-2022-30203.json b/CVE-2022/CVE-2022-302xx/CVE-2022-30203.json index b6997731952..2b299ec5a70 100644 --- a/CVE-2022/CVE-2022-302xx/CVE-2022-30203.json +++ b/CVE-2022/CVE-2022-302xx/CVE-2022-30203.json @@ -2,12 +2,12 @@ "id": "CVE-2022-30203", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:11.070", - "lastModified": "2022-07-20T15:24:03.520", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:13.077", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Boot Manager Security Feature Bypass Vulnerability." + "value": "Windows Boot Manager Security Feature Bypass Vulnerability" }, { "lang": "es", @@ -249,12 +249,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30203", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30203", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-302xx/CVE-2022-30205.json b/CVE-2022/CVE-2022-302xx/CVE-2022-30205.json index 4e5633dfaa5..72cead2bbf0 100644 --- a/CVE-2022/CVE-2022-302xx/CVE-2022-30205.json +++ b/CVE-2022/CVE-2022-302xx/CVE-2022-30205.json @@ -2,12 +2,12 @@ "id": "CVE-2022-30205", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:11.123", - "lastModified": "2022-07-20T15:11:51.073", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:13.160", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Group Policy Elevation of Privilege Vulnerability." + "value": "Windows Group Policy Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -249,12 +249,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30205", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30205", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-302xx/CVE-2022-30206.json b/CVE-2022/CVE-2022-302xx/CVE-2022-30206.json index 359db714849..059c4ca4a34 100644 --- a/CVE-2022/CVE-2022-302xx/CVE-2022-30206.json +++ b/CVE-2022/CVE-2022-302xx/CVE-2022-30206.json @@ -2,12 +2,12 @@ "id": "CVE-2022-30206", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:11.177", - "lastModified": "2022-07-20T14:34:52.383", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:13.237", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22022, CVE-2022-22041, CVE-2022-30226." + "value": "Windows Print Spooler Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -249,13 +249,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30206", - "source": "secure@microsoft.com", - "tags": [ - "Mitigation", - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30206", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-302xx/CVE-2022-30208.json b/CVE-2022/CVE-2022-302xx/CVE-2022-30208.json index b85988361d6..e14e6ce6593 100644 --- a/CVE-2022/CVE-2022-302xx/CVE-2022-30208.json +++ b/CVE-2022/CVE-2022-302xx/CVE-2022-30208.json @@ -2,12 +2,12 @@ "id": "CVE-2022-30208", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:11.230", - "lastModified": "2022-07-20T14:33:02.367", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:13.317", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Security Account Manager (SAM) Denial of Service Vulnerability." + "value": "Windows Security Account Manager (SAM) Denial of Service Vulnerability" }, { "lang": "es", @@ -249,12 +249,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30208", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30208", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-302xx/CVE-2022-30209.json b/CVE-2022/CVE-2022-302xx/CVE-2022-30209.json index e72878a4353..fca7c943cc9 100644 --- a/CVE-2022/CVE-2022-302xx/CVE-2022-30209.json +++ b/CVE-2022/CVE-2022-302xx/CVE-2022-30209.json @@ -2,12 +2,12 @@ "id": "CVE-2022-30209", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:11.283", - "lastModified": "2022-07-20T14:31:35.070", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:13.393", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows IIS Server Elevation of Privilege Vulnerability." + "value": "Windows IIS Server Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -249,12 +249,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30209", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30209", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-302xx/CVE-2022-30211.json b/CVE-2022/CVE-2022-302xx/CVE-2022-30211.json index b3f9ea9df61..aef7654103e 100644 --- a/CVE-2022/CVE-2022-302xx/CVE-2022-30211.json +++ b/CVE-2022/CVE-2022-302xx/CVE-2022-30211.json @@ -2,12 +2,12 @@ "id": "CVE-2022-30211", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:11.337", - "lastModified": "2022-09-22T19:08:18.283", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:13.473", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability." + "value": "Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -269,12 +269,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30211", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30211", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-302xx/CVE-2022-30212.json b/CVE-2022/CVE-2022-302xx/CVE-2022-30212.json index ace408d0562..9963d425202 100644 --- a/CVE-2022/CVE-2022-302xx/CVE-2022-30212.json +++ b/CVE-2022/CVE-2022-302xx/CVE-2022-30212.json @@ -2,12 +2,12 @@ "id": "CVE-2022-30212", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:11.390", - "lastModified": "2022-07-20T14:04:56.913", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:13.557", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Connected Devices Platform Service Information Disclosure Vulnerability." + "value": "Windows Connected Devices Platform Service Information Disclosure Vulnerability" }, { "lang": "es", @@ -174,12 +174,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30212", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30212", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-302xx/CVE-2022-30213.json b/CVE-2022/CVE-2022-302xx/CVE-2022-30213.json index 9a8f9ff64ad..ddcd6b9901e 100644 --- a/CVE-2022/CVE-2022-302xx/CVE-2022-30213.json +++ b/CVE-2022/CVE-2022-302xx/CVE-2022-30213.json @@ -2,12 +2,12 @@ "id": "CVE-2022-30213", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:11.447", - "lastModified": "2022-07-19T20:56:32.330", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:13.633", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows GDI+ Information Disclosure Vulnerability." + "value": "Windows GDI+ Information Disclosure Vulnerability" }, { "lang": "es", @@ -249,12 +249,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30213", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30213", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-302xx/CVE-2022-30214.json b/CVE-2022/CVE-2022-302xx/CVE-2022-30214.json index ebeb6c5bcb0..0545d751499 100644 --- a/CVE-2022/CVE-2022-302xx/CVE-2022-30214.json +++ b/CVE-2022/CVE-2022-302xx/CVE-2022-30214.json @@ -2,12 +2,12 @@ "id": "CVE-2022-30214", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:11.497", - "lastModified": "2022-07-19T20:53:50.693", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:13.707", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows DNS Server Remote Code Execution Vulnerability." + "value": "Windows DNS Server Remote Code Execution Vulnerability" }, { "lang": "es", @@ -109,12 +109,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30214", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30214", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-302xx/CVE-2022-30215.json b/CVE-2022/CVE-2022-302xx/CVE-2022-30215.json index deaf7220dc9..bbc66d61c24 100644 --- a/CVE-2022/CVE-2022-302xx/CVE-2022-30215.json +++ b/CVE-2022/CVE-2022-302xx/CVE-2022-30215.json @@ -2,12 +2,12 @@ "id": "CVE-2022-30215", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:11.550", - "lastModified": "2022-07-20T12:03:29.817", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:13.777", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Active Directory Federation Services Elevation of Privilege Vulnerability." + "value": "Active Directory Federation Services Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -109,12 +109,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30215", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30215", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-302xx/CVE-2022-30216.json b/CVE-2022/CVE-2022-302xx/CVE-2022-30216.json index 1746e10f6a5..d60485bdd1b 100644 --- a/CVE-2022/CVE-2022-302xx/CVE-2022-30216.json +++ b/CVE-2022/CVE-2022-302xx/CVE-2022-30216.json @@ -2,12 +2,12 @@ "id": "CVE-2022-30216", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:11.603", - "lastModified": "2022-07-20T11:00:37.630", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:13.853", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Server Service Tampering Vulnerability." + "value": "Windows Server Service Tampering Vulnerability" }, { "lang": "es", @@ -154,12 +154,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30216", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30216", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-302xx/CVE-2022-30220.json b/CVE-2022/CVE-2022-302xx/CVE-2022-30220.json index c699e278333..f6c7dd6a701 100644 --- a/CVE-2022/CVE-2022-302xx/CVE-2022-30220.json +++ b/CVE-2022/CVE-2022-302xx/CVE-2022-30220.json @@ -2,12 +2,12 @@ "id": "CVE-2022-30220", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:11.667", - "lastModified": "2022-07-20T11:02:00.680", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:13.917", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Common Log File System Driver Elevation of Privilege Vulnerability." + "value": "Windows Common Log File System Driver Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -249,12 +249,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30220", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30220", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-302xx/CVE-2022-30221.json b/CVE-2022/CVE-2022-302xx/CVE-2022-30221.json index d624f03998c..6bbd526c8d0 100644 --- a/CVE-2022/CVE-2022-302xx/CVE-2022-30221.json +++ b/CVE-2022/CVE-2022-302xx/CVE-2022-30221.json @@ -2,12 +2,12 @@ "id": "CVE-2022-30221", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:11.720", - "lastModified": "2022-07-20T11:04:27.233", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:13.997", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Graphics Component Remote Code Execution Vulnerability." + "value": "Windows Graphics Component Remote Code Execution Vulnerability" }, { "lang": "es", @@ -234,12 +234,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30221", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30221", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-302xx/CVE-2022-30222.json b/CVE-2022/CVE-2022-302xx/CVE-2022-30222.json index ea384a41430..e20fb8b48f3 100644 --- a/CVE-2022/CVE-2022-302xx/CVE-2022-30222.json +++ b/CVE-2022/CVE-2022-302xx/CVE-2022-30222.json @@ -2,12 +2,12 @@ "id": "CVE-2022-30222", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:11.770", - "lastModified": "2022-07-20T11:06:08.713", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:14.070", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Shell Remote Code Execution Vulnerability." + "value": "Windows Shell Remote Code Execution Vulnerability" }, { "lang": "es", @@ -189,13 +189,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30222", - "source": "secure@microsoft.com", - "tags": [ - "Mitigation", - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30222", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-302xx/CVE-2022-30223.json b/CVE-2022/CVE-2022-302xx/CVE-2022-30223.json index ff42a3a9f41..6898472f789 100644 --- a/CVE-2022/CVE-2022-302xx/CVE-2022-30223.json +++ b/CVE-2022/CVE-2022-302xx/CVE-2022-30223.json @@ -2,12 +2,12 @@ "id": "CVE-2022-30223", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:11.823", - "lastModified": "2022-07-20T15:52:44.613", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:14.143", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Hyper-V Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-22042." + "value": "Windows Hyper-V Information Disclosure Vulnerability" }, { "lang": "es", @@ -169,12 +169,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30223", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30223", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-302xx/CVE-2022-30224.json b/CVE-2022/CVE-2022-302xx/CVE-2022-30224.json index e4a5a9718e8..9fedaeb3785 100644 --- a/CVE-2022/CVE-2022-302xx/CVE-2022-30224.json +++ b/CVE-2022/CVE-2022-302xx/CVE-2022-30224.json @@ -2,12 +2,12 @@ "id": "CVE-2022-30224", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:11.877", - "lastModified": "2022-07-20T15:54:52.433", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:14.220", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22037, CVE-2022-30202." + "value": "Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -249,12 +249,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30224", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30224", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-302xx/CVE-2022-30225.json b/CVE-2022/CVE-2022-302xx/CVE-2022-30225.json index f19457a5c41..13a3c3521e2 100644 --- a/CVE-2022/CVE-2022-302xx/CVE-2022-30225.json +++ b/CVE-2022/CVE-2022-302xx/CVE-2022-30225.json @@ -2,12 +2,12 @@ "id": "CVE-2022-30225", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:11.930", - "lastModified": "2022-07-20T15:56:44.077", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:14.297", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Media Player Network Sharing Service Elevation of Privilege Vulnerability." + "value": "Windows Media Player Network Sharing Service Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -249,12 +249,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30225", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30225", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-302xx/CVE-2022-30226.json b/CVE-2022/CVE-2022-302xx/CVE-2022-30226.json index 3d00b1896ce..2ac38df79b0 100644 --- a/CVE-2022/CVE-2022-302xx/CVE-2022-30226.json +++ b/CVE-2022/CVE-2022-302xx/CVE-2022-30226.json @@ -2,12 +2,12 @@ "id": "CVE-2022-30226", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:11.983", - "lastModified": "2022-07-20T15:58:46.733", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:14.363", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22022, CVE-2022-22041, CVE-2022-30206." + "value": "Windows Print Spooler Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -249,13 +249,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30226", - "source": "secure@microsoft.com", - "tags": [ - "Mitigation", - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30226", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33633.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33633.json index 99deb720a46..8f1bf91a36f 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33633.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33633.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33633", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:12.223", - "lastModified": "2022-07-20T16:00:15.657", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:14.447", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Skype for Business and Lync Remote Code Execution Vulnerability." + "value": "Skype for Business and Lync Remote Code Execution Vulnerability" }, { "lang": "es", @@ -104,12 +104,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33633", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33633", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33637.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33637.json index 006f3b6284c..040396c2dcc 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33637.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33637.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33637", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:12.277", - "lastModified": "2022-07-19T12:43:02.863", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:14.517", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Microsoft Defender for Endpoint Tampering Vulnerability." + "value": "Microsoft Defender for Endpoint Tampering Vulnerability" }, { "lang": "es", @@ -94,12 +94,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33637", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33637", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33641.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33641.json index f62cb308d09..869a805a3bd 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33641.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33641.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33641", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:12.330", - "lastModified": "2022-07-19T01:50:19.180", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:14.593", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33641", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33641", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33642.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33642.json index fa9426fe8db..33ed762df8e 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33642.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33642.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33642", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:12.383", - "lastModified": "2022-09-27T17:38:29.717", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:14.667", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 3.6 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -115,12 +115,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33642", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33642", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33643.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33643.json index 269b2dd4e88..0f89d19f456 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33643.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33643.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33643", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:12.437", - "lastModified": "2022-07-19T01:50:47.540", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:14.740", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33643", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33643", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33650.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33650.json index 0cf536529f5..e42dc067c2c 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33650.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33650.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33650", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:12.540", - "lastModified": "2022-07-19T01:52:30.710", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:14.807", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33650", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33650", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33651.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33651.json index 6d704bfbe42..7f59d8d5fd0 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33651.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33651.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33651", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:12.593", - "lastModified": "2022-07-19T01:49:55.980", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:14.877", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33651", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33651", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33652.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33652.json index fe09ec2182d..839aefa8778 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33652.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33652.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33652", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:12.657", - "lastModified": "2022-09-22T19:08:10.083", + "lastModified": "2023-05-17T17:15:14.953", "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,27 +17,27 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", - "attackComplexity": "HIGH", + "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", - "baseScore": 4.4, + "baseScore": 4.9, "baseSeverity": "MEDIUM" }, - "exploitabilityScore": 0.7, + "exploitabilityScore": 1.2, "impactScore": 3.6 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -115,12 +115,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33652", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33652", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33653.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33653.json index 46ab3b0faee..45c8766c687 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33653.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33653.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33653", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:12.717", - "lastModified": "2022-07-19T01:03:42.040", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:15.080", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33653", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33653", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33654.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33654.json index d2d7111448a..857507b362b 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33654.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33654.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33654", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:12.770", - "lastModified": "2022-07-19T00:58:59.173", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:15.167", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33654", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33654", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33655.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33655.json index 20d44832bf5..29600113133 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33655.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33655.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33655", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:12.827", - "lastModified": "2022-07-19T00:58:46.243", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:15.250", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33655", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33655", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33656.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33656.json index 9663bb17d50..e9b3d8ab9f4 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33656.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33656.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33656", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:12.880", - "lastModified": "2022-07-19T00:56:07.150", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:15.337", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33656", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33656", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33657.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33657.json index 798b3f6901b..e747fdf4226 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33657.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33657.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33657", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:12.940", - "lastModified": "2022-07-19T00:55:44.340", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:15.420", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33657", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33657", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33658.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33658.json index 5f6c7ec9f01..a8f3fbbdeb9 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33658.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33658.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33658", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:12.997", - "lastModified": "2022-09-22T19:08:00.707", + "lastModified": "2023-05-17T17:15:15.497", "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,27 +17,27 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", - "attackComplexity": "HIGH", + "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", - "baseScore": 4.4, + "baseScore": 4.9, "baseSeverity": "MEDIUM" }, - "exploitabilityScore": 0.7, + "exploitabilityScore": 1.2, "impactScore": 3.6 }, { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -115,12 +115,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33658", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33658", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33659.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33659.json index d9073f46a02..102d04a53f7 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33659.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33659.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33659", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:13.053", - "lastModified": "2022-07-19T00:46:23.687", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:15.587", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33659", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33659", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33660.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33660.json index 89955d72337..bf87d173261 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33660.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33660.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33660", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:13.107", - "lastModified": "2022-07-19T00:45:31.597", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:15.663", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33660", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33660", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33661.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33661.json index d2bb1161744..2d38fc4d485 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33661.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33661.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33661", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:13.163", - "lastModified": "2022-07-19T00:45:18.080", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:15.740", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33661", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33661", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33662.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33662.json index 98ba3739696..0e03bba8ceb 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33662.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33662.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33662", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:13.217", - "lastModified": "2022-07-19T00:40:02.130", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:15.823", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33662", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33662", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33663.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33663.json index c410146a68e..c4828352894 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33663.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33663.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33663", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:13.267", - "lastModified": "2022-07-19T00:38:57.280", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:15.907", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33663", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33663", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33664.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33664.json index 02cf666ab4c..f37af079351 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33664.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33664.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33664", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:13.323", - "lastModified": "2022-07-18T23:52:52.960", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:15.987", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33664", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33664", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33665.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33665.json index 9f108213d3d..91c5e59a103 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33665.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33665.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33665", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:13.397", - "lastModified": "2022-07-18T23:52:23.197", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:16.073", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33665", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33665", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33666.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33666.json index f42bdd27d0b..a7f18e5beac 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33666.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33666.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33666", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:13.453", - "lastModified": "2022-07-18T23:52:08.050", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:16.150", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33666", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33666", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33667.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33667.json index 0f750b09706..bf7b115e825 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33667.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33667.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33667", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:13.507", - "lastModified": "2022-07-18T23:51:17.117", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:16.230", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33667", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33667", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33668.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33668.json index be2253e7b45..854fe69ccb2 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33668.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33668.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33668", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:13.557", - "lastModified": "2022-07-18T23:47:36.103", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:16.310", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33668", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33668", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33669.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33669.json index 65a355a968d..824e5fc3fef 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33669.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33669.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33669", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:13.610", - "lastModified": "2022-07-18T23:46:56.787", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:16.390", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33669", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33669", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33671.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33671.json index f82bc17f6ea..6f5af3a9251 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33671.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33671.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33671", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:13.670", - "lastModified": "2022-07-18T23:45:44.027", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:16.470", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33671", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33671", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33672.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33672.json index f859fc21ac2..41235d21f8d 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33672.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33672.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33672", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:13.723", - "lastModified": "2022-07-18T23:35:56.147", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:16.550", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33672", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33672", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33673.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33673.json index 0c6f18f1af0..ede458d179f 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33673.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33673.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33673", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:13.777", - "lastModified": "2022-07-18T23:27:04.337", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:16.627", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33673", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33673", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33674.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33674.json index dc693c894fe..401289c619f 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33674.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33674.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33674", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:13.830", - "lastModified": "2022-07-18T23:25:49.693", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:16.713", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33675, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -16,29 +16,9 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "attackVector": "ADJACENT_NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - }, { "source": "secure@microsoft.com", - "type": "Secondary", + "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", @@ -55,6 +35,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.5 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -115,12 +115,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33674", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33674", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33675.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33675.json index 7f200b2b28a..f98f62b888a 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33675.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33675.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33675", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:13.887", - "lastModified": "2022-07-18T23:24:35.103", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:16.810", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33677." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33675", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33675", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33676.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33676.json index 2b01117f60f..c05e8e02209 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33676.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33676.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33676", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:13.937", - "lastModified": "2022-08-30T22:43:35.587", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:16.933", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-33678." + "value": "Azure Site Recovery Remote Code Execution Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33676", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33676", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33677.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33677.json index 3044475abe4..a5b47fa9404 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33677.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33677.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33677", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:13.990", - "lastModified": "2022-07-27T22:57:25.140", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:17.057", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675." + "value": "Azure Site Recovery Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33677", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33677", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33678.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33678.json index e79bcdbd471..c5ecc9b216e 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33678.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33678.json @@ -2,12 +2,12 @@ "id": "CVE-2022-33678", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:14.043", - "lastModified": "2022-08-30T22:43:43.673", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-17T17:15:17.170", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-33676." + "value": "Azure Site Recovery Remote Code Execution Vulnerability" }, { "lang": "es", @@ -95,12 +95,8 @@ ], "references": [ { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33678", - "source": "secure@microsoft.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33678", + "source": "secure@microsoft.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-17xx/CVE-2023-1732.json b/CVE-2023/CVE-2023-17xx/CVE-2023-1732.json index f219f1befbf..45053897262 100644 --- a/CVE-2023/CVE-2023-17xx/CVE-2023-1732.json +++ b/CVE-2023/CVE-2023-17xx/CVE-2023-1732.json @@ -2,8 +2,8 @@ "id": "CVE-2023-1732", "sourceIdentifier": "cna@cloudflare.com", "published": "2023-05-10T12:15:10.523", - "lastModified": "2023-05-10T13:06:16.563", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T17:04:45.347", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 8.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.2 + }, { "source": "cna@cloudflare.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-755" + } + ] + }, { "source": "cna@cloudflare.com", "type": "Secondary", @@ -50,10 +80,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cloudflare:circl:*:*:*:*:*:go:*:*", + "versionEndExcluding": "1.3.3", + "matchCriteriaId": "39A6B412-BB17-403E-B83A-FCFAD155C1B9" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/cloudflare/circl/security/advisories/GHSA-2q89-485c-9j2x", - "source": "cna@cloudflare.com" + "source": "cna@cloudflare.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-219xx/CVE-2023-21968.json b/CVE-2023/CVE-2023-219xx/CVE-2023-21968.json index 919a02a9def..039c23d169b 100644 --- a/CVE-2023/CVE-2023-219xx/CVE-2023-21968.json +++ b/CVE-2023/CVE-2023-219xx/CVE-2023-21968.json @@ -2,8 +2,8 @@ "id": "CVE-2023-21968", "sourceIdentifier": "secalert_us@oracle.com", "published": "2023-04-18T20:15:16.470", - "lastModified": "2023-04-27T15:15:12.067", - "vulnStatus": "Modified", + "lastModified": "2023-05-17T17:06:35.360", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -111,12 +111,400 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:cloud_insights_acquisition_unit:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CCAA4004-9319-478C-9D55-0E8307F872F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8", + "matchCriteriaId": "111E81BB-7D96-44EB-ACFA-415C3F3EA62A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11", + "versionEndIncluding": "11.0.18", + "matchCriteriaId": "90F6CEC5-2FD9-4ADB-9D86-B741C0ABCD7B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17", + "versionEndIncluding": "17.0.6", + "matchCriteriaId": "83395182-E46E-47FF-A781-4EF235BC83B6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:-:*:*:*:*:*:*", + "matchCriteriaId": "70892D06-6E75-4425-BBF0-4B684EC62A1C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:milestone1:*:*:*:*:*:*", + "matchCriteriaId": "7A165D71-71CC-4E6A-AA4F-FF8DB5B9A5AB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:milestone2:*:*:*:*:*:*", + "matchCriteriaId": "7417B2BB-9AC2-4AF4-A828-C89A0735AD92" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:milestone3:*:*:*:*:*:*", + "matchCriteriaId": "6A0A57B5-6F88-4288-9CDE-F6613FE068D2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:milestone4:*:*:*:*:*:*", + "matchCriteriaId": "67ED8559-C348-4932-B7CE-CB96976A30EC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:milestone5:*:*:*:*:*:*", + "matchCriteriaId": "40AC3D91-263F-4345-9FAA-0E573EA64590" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:milestone6:*:*:*:*:*:*", + "matchCriteriaId": "DD92AFA9-81F8-48D4-B79A-E7F066F69A99" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:milestone7:*:*:*:*:*:*", + "matchCriteriaId": "2C4B2F24-A730-4818-90C8-A2D90C081F03" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:milestone8:*:*:*:*:*:*", + "matchCriteriaId": "464087F2-C285-4574-957E-CE0663F07DE0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:milestone9:*:*:*:*:*:*", + "matchCriteriaId": "3E9BB880-A4F6-4887-8BB9-47AA298753D5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update101:*:*:*:*:*:*", + "matchCriteriaId": "18DCFF53-B298-4534-AB5C-8A5EF59C616F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update102:*:*:*:*:*:*", + "matchCriteriaId": "083419F8-FDDF-4E36-88F8-857DB317C1D1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update11:*:*:*:*:*:*", + "matchCriteriaId": "D7A74F65-57E8-4C9A-BA96-5EF401504F13" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update111:*:*:*:*:*:*", + "matchCriteriaId": "0D0B90FC-57B6-4315-9B29-3C36E58B2CF5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update112:*:*:*:*:*:*", + "matchCriteriaId": "07812576-3C35-404C-A7D7-9BE9E3D76E00" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update121:*:*:*:*:*:*", + "matchCriteriaId": "00C52B1C-5447-4282-9667-9EBE0720B423" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update131:*:*:*:*:*:*", + "matchCriteriaId": "92BB9EB0-0C12-4E77-89EE-FB77097841B8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update141:*:*:*:*:*:*", + "matchCriteriaId": "FF9D5DCE-2E8F-42B9-9038-AEA7E8C8CFFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update151:*:*:*:*:*:*", + "matchCriteriaId": "ABC0E7BB-F8B7-4369-9910-71240E4073A3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update152:*:*:*:*:*:*", + "matchCriteriaId": "551B2640-8CEC-4C24-AF8B-7A7CEF864D9D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update161:*:*:*:*:*:*", + "matchCriteriaId": "0AE30779-48FB-451E-8CE1-F469F93B8772" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update162:*:*:*:*:*:*", + "matchCriteriaId": "60590FDE-7156-4314-A012-AA38BD2ADDC9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update171:*:*:*:*:*:*", + "matchCriteriaId": "BE51AD3A-8331-4E8F-9DB1-7A0051731DFB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update172:*:*:*:*:*:*", + "matchCriteriaId": "F24F6122-2256-41B6-9033-794C6424ED99" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update181:*:*:*:*:*:*", + "matchCriteriaId": "0EAFA79E-8C7A-48CF-8868-11378FE4B26F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update191:*:*:*:*:*:*", + "matchCriteriaId": "D1D6F19F-59B5-4BB6-AD35-013384025970" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update192:*:*:*:*:*:*", + "matchCriteriaId": "E7BA97BC-3ADA-465A-835B-6C3C5F416B56" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update20:*:*:*:*:*:*", + "matchCriteriaId": "B71F77A4-B7EB-47A1-AAFD-431A7D040B86" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update201:*:*:*:*:*:*", + "matchCriteriaId": "91D6BEA9-5943-44A4-946D-CEAA9BA99376" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update202:*:*:*:*:*:*", + "matchCriteriaId": "C079A3E0-44EB-4B9C-B4FC-B7621D165C3B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update211:*:*:*:*:*:*", + "matchCriteriaId": "2CB74086-14B8-4237-8357-E0C6B5BB8313" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update212:*:*:*:*:*:*", + "matchCriteriaId": "3ABED20A-7C34-4E86-9AFB-F4DC9ECBB3A9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update221:*:*:*:*:*:*", + "matchCriteriaId": "00C2B9C9-1177-4DA6-96CE-55F37F383F99" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update222:*:*:*:*:*:*", + "matchCriteriaId": "435CF189-0BD8-40DF-A0DC-99862CDEAF8A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update231:*:*:*:*:*:*", + "matchCriteriaId": "12A3F367-33AD-47C3-BFDC-871A17E72C94" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update232:*:*:*:*:*:*", + "matchCriteriaId": "A18F994F-72CA-4AF5-A7D1-9F5AEA286D85" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update241:*:*:*:*:*:*", + "matchCriteriaId": "78261932-7373-4F16-91E0-1A72ADBEBC3E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update242:*:*:*:*:*:*", + "matchCriteriaId": "9BD90D3D-9B3A-4101-9A8A-5090F0A9719F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update25:*:*:*:*:*:*", + "matchCriteriaId": "B38C0276-0EBD-4E0B-BFCF-4DDECACE04E2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update252:*:*:*:*:*:*", + "matchCriteriaId": "F5A40B8A-D428-4008-9F21-AF21394C51D1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update262:*:*:*:*:*:*", + "matchCriteriaId": "FEC5B777-01E1-45EE-AF95-C3BD1F098B2F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update271:*:*:*:*:*:*", + "matchCriteriaId": "3B504718-5DCE-43B4-B19A-C6B6E7444BD3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update281:*:*:*:*:*:*", + "matchCriteriaId": "3102AA10-99A8-49A9-867E-7EEC56865680" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update282:*:*:*:*:*:*", + "matchCriteriaId": "5A55CBC7-A7B2-4B89-8AB5-ED30DBE6814E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update291:*:*:*:*:*:*", + "matchCriteriaId": "15BA8A26-2CDA-442B-A549-6BE92DCCD205" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update301:*:*:*:*:*:*", + "matchCriteriaId": "56F2883B-6A1B-4081-8877-07AF3A73F6CD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update302:*:*:*:*:*:*", + "matchCriteriaId": "98C0742E-ACDD-4DB4-8A4C-B96702C8976C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update31:*:*:*:*:*:*", + "matchCriteriaId": "F8483034-DD5A-445D-892F-CDE90A7D58EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update312:*:*:*:*:*:*", + "matchCriteriaId": "1716A5CD-1C32-4F19-9DDE-F9C7CCB6B420" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update322:*:*:*:*:*:*", + "matchCriteriaId": "DAB4F663-BCAF-43DB-BCC3-24C060B0CBAB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update332:*:*:*:*:*:*", + "matchCriteriaId": "A8EF5BB8-7DAF-49B0-A11E-14E89EF7377A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update342:*:*:*:*:*:*", + "matchCriteriaId": "383F0B07-59BF-4744-87F2-04C98BC183B4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update40:*:*:*:*:*:*", + "matchCriteriaId": "8279718F-878F-4868-8859-1728D13CD0D8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update45:*:*:*:*:*:*", + "matchCriteriaId": "2C024E1A-FD2C-42E8-B227-C2AFD3040436" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update5:*:*:*:*:*:*", + "matchCriteriaId": "4F24389D-DDD0-4204-AA24-31C920A4F47E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update51:*:*:*:*:*:*", + "matchCriteriaId": "966979BE-1F21-4729-B6B8-610F74648344" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update60:*:*:*:*:*:*", + "matchCriteriaId": "F8534265-33BF-460D-BF74-5F55FDE50F29" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update65:*:*:*:*:*:*", + "matchCriteriaId": "F77AFC25-1466-4E56-9D5F-6988F3288E16" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update66:*:*:*:*:*:*", + "matchCriteriaId": "A650BEB8-E56F-4E42-9361-8D2DB083F0F8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update71:*:*:*:*:*:*", + "matchCriteriaId": "799FFECD-E80A-44B3-953D-CDB5E195F3AA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update72:*:*:*:*:*:*", + "matchCriteriaId": "A7047507-7CAF-4A14-AA9A-5CEF806EDE98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update73:*:*:*:*:*:*", + "matchCriteriaId": "CFC7B179-95D3-4F94-84F6-73F1034A1AF2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update74:*:*:*:*:*:*", + "matchCriteriaId": "9FB28526-9385-44CA-AF08-1899E6C3AE4D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update77:*:*:*:*:*:*", + "matchCriteriaId": "E26B69E4-0B43-415F-A82B-52FDCB262B3E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update91:*:*:*:*:*:*", + "matchCriteriaId": "27BC4150-70EC-462B-8FC5-20B3442CBB31" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update92:*:*:*:*:*:*", + "matchCriteriaId": "02646989-ECD9-40AE-A83E-EFF4080C69B9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:20:*:*:*:*:*:*:*", + "matchCriteriaId": "77172BC0-8637-41F6-AE3B-83006D6735DE" + } + ] + } + ] } ], "references": [ { "url": "https://security.netapp.com/advisory/ntap-20230427-0008/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.oracle.com/security-alerts/cpuapr2023.html", diff --git a/CVE-2023/CVE-2023-223xx/CVE-2023-22348.json b/CVE-2023/CVE-2023-223xx/CVE-2023-22348.json new file mode 100644 index 00000000000..2aa34e7f793 --- /dev/null +++ b/CVE-2023/CVE-2023-223xx/CVE-2023-22348.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-22348", + "sourceIdentifier": "security@checkmk.com", + "published": "2023-05-17T16:15:09.110", + "lastModified": "2023-05-17T17:00:54.967", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Improper Authorization in RestAPI in Checkmk GmbH's Checkmk versions <2.1.0p28 and <2.2.0b8 allows remote authenticated users to read arbitrary host_configs." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@checkmk.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@checkmk.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://checkmk.com/werk/13982", + "source": "security@checkmk.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23578.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23578.json index 1b0c46a0e9f..9844f7b2539 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23578.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23578.json @@ -2,39 +2,122 @@ "id": "CVE-2023-23578", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-05-10T06:15:11.430", - "lastModified": "2023-05-10T13:06:16.563", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T16:07:50.100", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper access control vulnerability in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier allows a remote unauthenticated attacker to connect to the product's ADB port." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:seiko-sol:skybridge_mb-a200_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "01.00.05", + "matchCriteriaId": "F23AF765-AF0C-48B7-A3DA-1A70A303C2D9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:seiko-sol:skybridge_mb-a200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "45CE4F45-5595-47E3-9BD4-47EA3D4F6E0E" + } + ] + } + ] + } + ], "references": [ { "url": "https://jvn.jp/en/jp/JVN40604023/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.seiko-sol.co.jp/archives/73969/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-239xx/CVE-2023-23901.json b/CVE-2023/CVE-2023-239xx/CVE-2023-23901.json index 5583bcd282c..4b275d7bf8f 100644 --- a/CVE-2023/CVE-2023-239xx/CVE-2023-23901.json +++ b/CVE-2023/CVE-2023-239xx/CVE-2023-23901.json @@ -2,39 +2,150 @@ "id": "CVE-2023-23901", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-05-10T06:15:11.727", - "lastModified": "2023-05-10T13:06:16.563", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T16:08:29.533", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper following of a certificate's chain of trust exists in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, and SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier, which may allow a remote unauthenticated attacker to eavesdrop on or alter the communication sent to the WebUI of the product." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-295" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:seiko-sol:skybridge_basic_mb-a130_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.4.1", + "matchCriteriaId": "F81B98BA-4C78-4798-B118-299B530081E6" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:seiko-sol:skybridge_basic_mb-a130:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6FCACF50-F197-41A7-934C-6BDBD043A560" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:seiko-sol:skybridge_mb-a200_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "01.00.05", + "matchCriteriaId": "F23AF765-AF0C-48B7-A3DA-1A70A303C2D9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:seiko-sol:skybridge_mb-a200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "45CE4F45-5595-47E3-9BD4-47EA3D4F6E0E" + } + ] + } + ] + } + ], "references": [ { "url": "https://jvn.jp/en/jp/JVN40604023/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.seiko-sol.co.jp/archives/73969/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-239xx/CVE-2023-23906.json b/CVE-2023/CVE-2023-239xx/CVE-2023-23906.json index f32e19ad3ac..f53c08ab7a0 100644 --- a/CVE-2023/CVE-2023-239xx/CVE-2023-23906.json +++ b/CVE-2023/CVE-2023-239xx/CVE-2023-23906.json @@ -2,39 +2,150 @@ "id": "CVE-2023-23906", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-05-10T06:15:12.007", - "lastModified": "2023-05-10T13:06:16.563", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T16:51:00.670", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Missing authentication for critical function exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to execute some critical functions without authentication, e.g., rebooting the product." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-306" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:seiko-sol:skybridge_mb-a110_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "4.2.0", + "matchCriteriaId": "4B4E6633-A672-41D8-8BC7-8374EF2F59DC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:seiko-sol:skybridge_mb-a110:-:*:*:*:*:*:*:*", + "matchCriteriaId": "29D834FA-153B-4E9C-B88D-84BB86F3410C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:seiko-sol:skybridge_mb-a100_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "4.2.0", + "matchCriteriaId": "AD96E423-1212-411C-BC8D-78F3A3B6C27A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:seiko-sol:skybridge_mb-a100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F1C62FA9-2A2F-4A29-95C7-3797623E9932" + } + ] + } + ] + } + ], "references": [ { "url": "https://jvn.jp/en/jp/JVN40604023/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.seiko-sol.co.jp/archives/73969/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-245xx/CVE-2023-24586.json b/CVE-2023/CVE-2023-245xx/CVE-2023-24586.json index 7d1bce0f50f..d93660b7de8 100644 --- a/CVE-2023/CVE-2023-245xx/CVE-2023-24586.json +++ b/CVE-2023/CVE-2023-245xx/CVE-2023-24586.json @@ -2,39 +2,150 @@ "id": "CVE-2023-24586", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-05-10T06:15:12.310", - "lastModified": "2023-05-10T13:06:16.563", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T16:23:17.587", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cleartext storage of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote authenticated attacker to obtain an APN credential for the product." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-312" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:seiko-sol:skybridge_mb-a110_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "4.2.0", + "matchCriteriaId": "4B4E6633-A672-41D8-8BC7-8374EF2F59DC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:seiko-sol:skybridge_mb-a110:-:*:*:*:*:*:*:*", + "matchCriteriaId": "29D834FA-153B-4E9C-B88D-84BB86F3410C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:seiko-sol:skybridge_mb-a100_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "4.2.0", + "matchCriteriaId": "AD96E423-1212-411C-BC8D-78F3A3B6C27A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:seiko-sol:skybridge_mb-a100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F1C62FA9-2A2F-4A29-95C7-3797623E9932" + } + ] + } + ] + } + ], "references": [ { "url": "https://jvn.jp/en/jp/JVN40604023/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.seiko-sol.co.jp/archives/73969/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2479.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2479.json index 884ddd93971..9568c9e9b5f 100644 --- a/CVE-2023/CVE-2023-24xx/CVE-2023-2479.json +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2479.json @@ -2,7 +2,7 @@ "id": "CVE-2023-2479", "sourceIdentifier": "security@huntr.dev", "published": "2023-05-02T15:15:23.760", - "lastModified": "2023-05-09T18:48:53.560", + "lastModified": "2023-05-17T17:05:52.643", "vulnStatus": "Analyzed", "descriptions": [ { @@ -77,9 +77,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:appim:appium-desktop:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:appium:appium-desktop:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.22.3-4", - "matchCriteriaId": "5433D376-10A9-4706-A432-036DD89C5F89" + "matchCriteriaId": "28162FC6-3759-475D-AD57-A8F38BE6CB08" } ] } diff --git a/CVE-2023/CVE-2023-250xx/CVE-2023-25070.json b/CVE-2023/CVE-2023-250xx/CVE-2023-25070.json index 8afcae58beb..98950037373 100644 --- a/CVE-2023/CVE-2023-250xx/CVE-2023-25070.json +++ b/CVE-2023/CVE-2023-250xx/CVE-2023-25070.json @@ -2,39 +2,150 @@ "id": "CVE-2023-25070", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-05-10T06:15:12.497", - "lastModified": "2023-05-10T13:06:16.563", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T16:29:30.600", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cleartext transmission of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier. If the telnet connection is enabled, a remote unauthenticated attacker may eavesdrop on or alter the administrator's communication to the product." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-319" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:seiko-sol:skybridge_mb-a110_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "4.2.0", + "matchCriteriaId": "4B4E6633-A672-41D8-8BC7-8374EF2F59DC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:seiko-sol:skybridge_mb-a110:-:*:*:*:*:*:*:*", + "matchCriteriaId": "29D834FA-153B-4E9C-B88D-84BB86F3410C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:seiko-sol:skybridge_mb-a100_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "4.2.0", + "matchCriteriaId": "AD96E423-1212-411C-BC8D-78F3A3B6C27A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:seiko-sol:skybridge_mb-a100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F1C62FA9-2A2F-4A29-95C7-3797623E9932" + } + ] + } + ] + } + ], "references": [ { "url": "https://jvn.jp/en/jp/JVN40604023/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.seiko-sol.co.jp/archives/73969/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-250xx/CVE-2023-25072.json b/CVE-2023/CVE-2023-250xx/CVE-2023-25072.json index 2a77951e0ac..0afa750983e 100644 --- a/CVE-2023/CVE-2023-250xx/CVE-2023-25072.json +++ b/CVE-2023/CVE-2023-250xx/CVE-2023-25072.json @@ -2,39 +2,150 @@ "id": "CVE-2023-25072", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-05-10T06:15:13.030", - "lastModified": "2023-05-10T13:06:16.563", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T16:34:14.120", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to decrypt password for the WebUI of the product." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-521" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:seiko-sol:skybridge_mb-a110_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "4.2.0", + "matchCriteriaId": "4B4E6633-A672-41D8-8BC7-8374EF2F59DC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:seiko-sol:skybridge_mb-a110:-:*:*:*:*:*:*:*", + "matchCriteriaId": "29D834FA-153B-4E9C-B88D-84BB86F3410C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:seiko-sol:skybridge_mb-a100_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "4.2.0", + "matchCriteriaId": "AD96E423-1212-411C-BC8D-78F3A3B6C27A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:seiko-sol:skybridge_mb-a100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F1C62FA9-2A2F-4A29-95C7-3797623E9932" + } + ] + } + ] + } + ], "references": [ { "url": "https://jvn.jp/en/jp/JVN40604023/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.seiko-sol.co.jp/archives/73969/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25184.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25184.json index e7f42242fff..19e9ce90309 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25184.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25184.json @@ -2,39 +2,178 @@ "id": "CVE-2023-25184", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-05-10T06:15:13.427", - "lastModified": "2023-05-10T13:06:16.563", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T16:35:08.930", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Use of weak credentials exists in Seiko Solutions SkyBridge and SkySpider series, which may allow a remote unauthenticated attacker to decrypt password for the WebUI of the product. Affected products and versions are as follows: SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier, and SkySpider MB-R210 firmware Ver. 1.01.00 and earlier." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-521" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:seiko-sol:skybridge_basic_mb-a130_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.4.1", + "matchCriteriaId": "F81B98BA-4C78-4798-B118-299B530081E6" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:seiko-sol:skybridge_basic_mb-a130:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6FCACF50-F197-41A7-934C-6BDBD043A560" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:seiko-sol:skybridge_mb-a200_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "01.00.05", + "matchCriteriaId": "F23AF765-AF0C-48B7-A3DA-1A70A303C2D9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:seiko-sol:skybridge_mb-a200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "45CE4F45-5595-47E3-9BD4-47EA3D4F6E0E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:seiko-sol:skyspider_mb-r210_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.01.00", + "matchCriteriaId": "2A0B9CF9-E983-4C2B-B48E-DCD552079BE9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:seiko-sol:skyspider_mb-r210:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7919E835-B10A-4B1A-8D42-0A49B36AEBE8" + } + ] + } + ] + } + ], "references": [ { "url": "https://jvn.jp/en/jp/JVN40604023/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.seiko-sol.co.jp/archives/73969/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] }, { "url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2629.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2629.json index 72ee6d9241b..206d6cb497d 100644 --- a/CVE-2023/CVE-2023-26xx/CVE-2023-2629.json +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2629.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2629", "sourceIdentifier": "security@huntr.dev", "published": "2023-05-10T16:15:10.660", - "lastModified": "2023-05-10T17:06:24.873", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T17:15:23.327", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -46,14 +68,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pimcore:customer-data-framework:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.3.9", + "matchCriteriaId": "E0297967-D5F3-423C-B673-60697D285E62" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/pimcore/customer-data-framework/commit/4e0105c3a78d20686a0c010faef27d2297b98803", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.dev/bounties/821ff465-4754-42d1-9376-813c17f16a01", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2679.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2679.json index f4e23029d72..3ddd7b3ddce 100644 --- a/CVE-2023/CVE-2023-26xx/CVE-2023-2679.json +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2679.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2679", "sourceIdentifier": "security@snowsoftware.com", "published": "2023-05-17T13:15:09.283", - "lastModified": "2023-05-17T13:15:09.283", - "vulnStatus": "Received", + "lastModified": "2023-05-17T17:00:54.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27919.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27919.json index 2fbeaaf457c..d9521f9721d 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27919.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27919.json @@ -2,23 +2,81 @@ "id": "CVE-2023-27919", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-05-10T06:15:14.753", - "lastModified": "2023-05-10T13:06:16.563", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T16:34:34.147", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Authentication bypass vulnerability in NEXT ENGINE Integration Plugin (for EC-CUBE 2.0 series) all versions allows a remote unauthenticated attacker to alter the information stored in the system." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:next-engine:next_engine_integration:*:*:*:*:*:ec-cube:*:*", + "matchCriteriaId": "56591E29-1C27-4BFD-9C5C-A24CCBF1B612" + } + ] + } + ] + } + ], "references": [ { "url": "https://jvn.jp/en/jp/JVN50862842/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://main.next-engine.com/Usernotice/detail?id=1054", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2745.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2745.json index ead0ca3a728..37dd0a8e91c 100644 --- a/CVE-2023/CVE-2023-27xx/CVE-2023-2745.json +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2745.json @@ -2,7 +2,7 @@ "id": "CVE-2023-2745", "sourceIdentifier": "security@wordfence.com", "published": "2023-05-17T09:15:10.303", - "lastModified": "2023-05-17T12:46:46.567", + "lastModified": "2023-05-17T17:15:17.267", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -47,6 +47,10 @@ } ], "references": [ + { + "url": "http://packetstormsecurity.com/files/172426/WordPress-Core-6.2-XSS-CSRF-Directory-Traversal.html", + "source": "security@wordfence.com" + }, { "url": "https://core.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=55765%40%2F&new=55765%40%2F&sfp_email=&sfph_mail=", "source": "security@wordfence.com" diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2765.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2765.json new file mode 100644 index 00000000000..746267d4b90 --- /dev/null +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2765.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-2765", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-05-17T17:15:17.363", + "lastModified": "2023-05-17T17:15:17.363", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in Weaver OA up to 9.5 and classified as problematic. This vulnerability affects unknown code of the file /E-mobile/App/System/File/downfile.php. The manipulation of the argument url leads to absolute path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-229270 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-36" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/eckert-lcc/cve/blob/main/Weaver%20oa.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.229270", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.229270", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2766.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2766.json new file mode 100644 index 00000000000..381655d1d36 --- /dev/null +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2766.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-2766", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-05-17T17:15:17.443", + "lastModified": "2023-05-17T17:15:17.443", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Weaver OA 9.5 and classified as problematic. This issue affects some unknown processing of the file /building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini. The manipulation leads to files or directories accessible. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229271. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 10.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-552" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/8079048q/cve/blob/main/weaveroa.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.229271", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.229271", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2768.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2768.json new file mode 100644 index 00000000000..b5a1432238a --- /dev/null +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2768.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-2768", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-05-17T17:15:17.523", + "lastModified": "2023-05-17T17:15:17.523", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Sucms 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file admin_ads.php?action=add. The manipulation of the argument intro leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-229274 is the identifier assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 4.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Upgradeextension/Sucms-v1.0/blob/main/README.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.229274", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.229274", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-288xx/CVE-2023-28858.json b/CVE-2023/CVE-2023-288xx/CVE-2023-28858.json index 011786136ab..00d0a78dd18 100644 --- a/CVE-2023/CVE-2023-288xx/CVE-2023-28858.json +++ b/CVE-2023/CVE-2023-288xx/CVE-2023-28858.json @@ -2,7 +2,7 @@ "id": "CVE-2023-28858", "sourceIdentifier": "cve@mitre.org", "published": "2023-03-26T19:15:06.780", - "lastModified": "2023-04-05T18:37:34.083", + "lastModified": "2023-05-17T17:07:38.017", "vulnStatus": "Analyzed", "descriptions": [ { @@ -56,8 +56,9 @@ { "vulnerable": true, "criteria": "cpe:2.3:a:redis:redis-py:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.2.0", "versionEndExcluding": "4.3.6", - "matchCriteriaId": "69637424-9476-4061-AE94-3850C9B74C17" + "matchCriteriaId": "01B96893-5078-47C0-A2F2-D1039A45152D" }, { "vulnerable": true, diff --git a/CVE-2023/CVE-2023-288xx/CVE-2023-28859.json b/CVE-2023/CVE-2023-288xx/CVE-2023-28859.json index 4dd2c49a9d1..95010d43565 100644 --- a/CVE-2023/CVE-2023-288xx/CVE-2023-28859.json +++ b/CVE-2023/CVE-2023-288xx/CVE-2023-28859.json @@ -2,7 +2,7 @@ "id": "CVE-2023-28859", "sourceIdentifier": "cve@mitre.org", "published": "2023-03-26T19:15:06.850", - "lastModified": "2023-04-05T19:06:45.993", + "lastModified": "2023-05-17T17:08:20.883", "vulnStatus": "Analyzed", "descriptions": [ { @@ -56,8 +56,16 @@ { "vulnerable": true, "criteria": "cpe:2.3:a:redis:redis-py:*:*:*:*:*:*:*:*", - "versionEndIncluding": "4.5.3", - "matchCriteriaId": "8C34EEDA-921E-4849-A623-07D5539800A8" + "versionStartIncluding": "4.2.0", + "versionEndExcluding": "4.4.4", + "matchCriteriaId": "8BF5D290-49BC-4C70-B801-9DCE97070663" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redis:redis-py:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.5.0", + "versionEndExcluding": "4.5.4", + "matchCriteriaId": "39E01CD5-9AC0-46ED-A952-1EAD9FBFC930" } ] } diff --git a/CVE-2023/CVE-2023-304xx/CVE-2023-30438.json b/CVE-2023/CVE-2023-304xx/CVE-2023-30438.json index 32d02547188..160aeee04b3 100644 --- a/CVE-2023/CVE-2023-304xx/CVE-2023-30438.json +++ b/CVE-2023/CVE-2023-304xx/CVE-2023-30438.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30438", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-05-17T13:15:09.380", - "lastModified": "2023-05-17T13:15:09.380", - "vulnStatus": "Received", + "lastModified": "2023-05-17T17:00:54.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-307xx/CVE-2023-30777.json b/CVE-2023/CVE-2023-307xx/CVE-2023-30777.json index 21b7c08133a..b45afc49847 100644 --- a/CVE-2023/CVE-2023-307xx/CVE-2023-30777.json +++ b/CVE-2023/CVE-2023-307xx/CVE-2023-30777.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30777", "sourceIdentifier": "audit@patchstack.com", "published": "2023-05-10T06:15:18.520", - "lastModified": "2023-05-10T13:06:16.563", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T16:42:11.797", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,18 +66,52 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:advancedcustomfields:advanced_custom_fields:*:*:*:*:-:wordpress:*:*", + "versionEndExcluding": "6.1.6", + "matchCriteriaId": "DF442F23-84C4-4F1C-AD3F-5A0F23ED7734" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:advancedcustomfields:advanced_custom_fields:*:*:*:*:pro:wordpress:*:*", + "versionEndExcluding": "6.1.6", + "matchCriteriaId": "84B537B5-130F-4A63-B97E-FDF0C1909C24" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/articles/reflected-xss-in-advanced-custom-fields-plugins-affecting-2-million-sites?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://patchstack.com/database/vulnerability/advanced-custom-fields-pro/wordpress-advanced-custom-fields-pro-plugin-6-1-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://patchstack.com/database/vulnerability/advanced-custom-fields/wordpress-advanced-custom-fields-plugin-6-1-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-311xx/CVE-2023-31153.json b/CVE-2023/CVE-2023-311xx/CVE-2023-31153.json index 4a8465eb28b..1bf2ba7c367 100644 --- a/CVE-2023/CVE-2023-311xx/CVE-2023-31153.json +++ b/CVE-2023/CVE-2023-311xx/CVE-2023-31153.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31153", "sourceIdentifier": "security@selinc.com", "published": "2023-05-10T20:15:10.343", - "lastModified": "2023-05-11T13:36:30.643", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T16:59:05.747", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "security@selinc.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "security@selinc.com", "type": "Secondary", @@ -46,14 +76,312 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-2241_rtac_module_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r113-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "92EC2190-5E06-429E-A06A-76571E7ED430" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-2241_rtac_module:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FE4A1AB9-1190-4620-BF97-4A5569E74310" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3350_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r148-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "490EC90A-C8C4-4AEA-90E8-DA1C6D11932C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3350:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FCA7F410-7F74-4EF1-913E-7B34674716DC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3505_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r119-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "2161BCBC-6892-47E6-9A9F-0A82F0AA6A92" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3505:-:*:*:*:*:*:*:*", + "matchCriteriaId": "14D78E73-46F2-4D00-A75B-909752E36EB4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3505-3_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "39E788ED-56DC-455E-B907-9DA7ED359CB9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3505-3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8A479C2B-F691-4E04-B551-9F631E5A2A0F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3530_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r109-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "0BF61241-5DC9-4CC8-8864-194FAE36F456" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3530:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8E56BC08-9C49-4614-8F52-3413B804A128" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3530-4_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r109-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "CAEC2354-33FF-4266-9648-BA165747EECE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3530-4:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB424E1B-2AE3-449E-9AA1-2AF48C1920FB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3532_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "A9982B6A-2CED-4EF4-946D-E4B8A8CE3935" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3532:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E573857F-C6DC-4E59-8F5B-4C51ED4D69DB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3555_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r134-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "9333068D-CE59-4644-879F-A1B29D07C26B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3555:-:*:*:*:*:*:*:*", + "matchCriteriaId": "282F6DB1-4B0F-424F-B5E4-0827F1E7EE6F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3560e_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r144-v2", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "9BF86940-89E4-4D3C-B51D-CF189B8B20A3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3560e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A3EB8694-DC56-4E35-9659-B2787F872E08" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3560s_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r144-v2", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "28EAFD3D-1697-42BA-941E-2970A1177302" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3560s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F9D2A4A4-B81E-4034-863D-900D95166543" + } + ] + } + ] + } + ], "references": [ { "url": "https://selinc.com/support/security-notifications/external-reports/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.nozominetworks.com/blog/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-311xx/CVE-2023-31154.json b/CVE-2023/CVE-2023-311xx/CVE-2023-31154.json index 9c27704ab74..c679d288fea 100644 --- a/CVE-2023/CVE-2023-311xx/CVE-2023-31154.json +++ b/CVE-2023/CVE-2023-311xx/CVE-2023-31154.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31154", "sourceIdentifier": "security@selinc.com", "published": "2023-05-10T20:15:10.443", - "lastModified": "2023-05-11T13:36:30.643", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T16:51:43.877", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "security@selinc.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "security@selinc.com", "type": "Secondary", @@ -46,14 +76,312 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-2241_rtac_module_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "5D2D202A-9B85-4BA0-8FE4-A6F71F369E8D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-2241_rtac_module:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FE4A1AB9-1190-4620-BF97-4A5569E74310" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3350_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r148-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "490EC90A-C8C4-4AEA-90E8-DA1C6D11932C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3350:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FCA7F410-7F74-4EF1-913E-7B34674716DC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3505_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "65D15943-DDAB-446D-9179-CEEEF7EDA5BA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3505:-:*:*:*:*:*:*:*", + "matchCriteriaId": "14D78E73-46F2-4D00-A75B-909752E36EB4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3505-3_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "39E788ED-56DC-455E-B907-9DA7ED359CB9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3505-3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8A479C2B-F691-4E04-B551-9F631E5A2A0F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3530_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "B4821D90-2614-48D3-AFFC-B65C94E8968C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3530:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8E56BC08-9C49-4614-8F52-3413B804A128" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3530-4_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "0E6F4CFF-173F-4B68-8296-6F3713F98460" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3530-4:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB424E1B-2AE3-449E-9AA1-2AF48C1920FB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3532_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "A9982B6A-2CED-4EF4-946D-E4B8A8CE3935" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3532:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E573857F-C6DC-4E59-8F5B-4C51ED4D69DB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3555_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r134-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "9333068D-CE59-4644-879F-A1B29D07C26B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3555:-:*:*:*:*:*:*:*", + "matchCriteriaId": "282F6DB1-4B0F-424F-B5E4-0827F1E7EE6F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3560e_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r144-v2", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "9BF86940-89E4-4D3C-B51D-CF189B8B20A3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3560e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A3EB8694-DC56-4E35-9659-B2787F872E08" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3560s_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r144-v2", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "28EAFD3D-1697-42BA-941E-2970A1177302" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3560s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F9D2A4A4-B81E-4034-863D-900D95166543" + } + ] + } + ] + } + ], "references": [ { "url": "https://selinc.com/support/security-notifications/external-reports/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.nozominetworks.com/blog/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-311xx/CVE-2023-31155.json b/CVE-2023/CVE-2023-311xx/CVE-2023-31155.json index df6e934d90f..6faae008f35 100644 --- a/CVE-2023/CVE-2023-311xx/CVE-2023-31155.json +++ b/CVE-2023/CVE-2023-311xx/CVE-2023-31155.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31155", "sourceIdentifier": "security@selinc.com", "published": "2023-05-10T20:15:10.543", - "lastModified": "2023-05-11T13:36:30.643", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T16:39:46.910", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "security@selinc.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "security@selinc.com", "type": "Secondary", @@ -46,14 +76,312 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-2241_rtac_module_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "5D2D202A-9B85-4BA0-8FE4-A6F71F369E8D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-2241_rtac_module:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FE4A1AB9-1190-4620-BF97-4A5569E74310" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3350_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r148-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "490EC90A-C8C4-4AEA-90E8-DA1C6D11932C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3350:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FCA7F410-7F74-4EF1-913E-7B34674716DC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3505_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "65D15943-DDAB-446D-9179-CEEEF7EDA5BA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3505:-:*:*:*:*:*:*:*", + "matchCriteriaId": "14D78E73-46F2-4D00-A75B-909752E36EB4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3505-3_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "39E788ED-56DC-455E-B907-9DA7ED359CB9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3505-3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8A479C2B-F691-4E04-B551-9F631E5A2A0F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3530_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "B4821D90-2614-48D3-AFFC-B65C94E8968C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3530:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8E56BC08-9C49-4614-8F52-3413B804A128" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3530-4_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "0E6F4CFF-173F-4B68-8296-6F3713F98460" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3530-4:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB424E1B-2AE3-449E-9AA1-2AF48C1920FB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3532_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "A9982B6A-2CED-4EF4-946D-E4B8A8CE3935" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3532:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E573857F-C6DC-4E59-8F5B-4C51ED4D69DB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3555_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r134-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "9333068D-CE59-4644-879F-A1B29D07C26B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3555:-:*:*:*:*:*:*:*", + "matchCriteriaId": "282F6DB1-4B0F-424F-B5E4-0827F1E7EE6F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3560e_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r144-v2", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "9BF86940-89E4-4D3C-B51D-CF189B8B20A3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3560e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A3EB8694-DC56-4E35-9659-B2787F872E08" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3560s_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r144-v2", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "28EAFD3D-1697-42BA-941E-2970A1177302" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3560s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F9D2A4A4-B81E-4034-863D-900D95166543" + } + ] + } + ] + } + ], "references": [ { "url": "https://selinc.com/support/security-notifications/external-reports/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.nozominetworks.com/blog/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-311xx/CVE-2023-31156.json b/CVE-2023/CVE-2023-311xx/CVE-2023-31156.json index b71fb1639ab..46da49620a4 100644 --- a/CVE-2023/CVE-2023-311xx/CVE-2023-31156.json +++ b/CVE-2023/CVE-2023-311xx/CVE-2023-31156.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31156", "sourceIdentifier": "security@selinc.com", "published": "2023-05-10T20:15:10.633", - "lastModified": "2023-05-11T13:36:30.643", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T17:47:55.157", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "security@selinc.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "security@selinc.com", "type": "Secondary", @@ -46,14 +76,312 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-2241_rtac_module_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "5D2D202A-9B85-4BA0-8FE4-A6F71F369E8D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-2241_rtac_module:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FE4A1AB9-1190-4620-BF97-4A5569E74310" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3350_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r148-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "490EC90A-C8C4-4AEA-90E8-DA1C6D11932C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3350:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FCA7F410-7F74-4EF1-913E-7B34674716DC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3505_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "65D15943-DDAB-446D-9179-CEEEF7EDA5BA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3505:-:*:*:*:*:*:*:*", + "matchCriteriaId": "14D78E73-46F2-4D00-A75B-909752E36EB4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3505-3_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "39E788ED-56DC-455E-B907-9DA7ED359CB9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3505-3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8A479C2B-F691-4E04-B551-9F631E5A2A0F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3530_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "B4821D90-2614-48D3-AFFC-B65C94E8968C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3530:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8E56BC08-9C49-4614-8F52-3413B804A128" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3530-4_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "0E6F4CFF-173F-4B68-8296-6F3713F98460" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3530-4:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB424E1B-2AE3-449E-9AA1-2AF48C1920FB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3532_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "A9982B6A-2CED-4EF4-946D-E4B8A8CE3935" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3532:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E573857F-C6DC-4E59-8F5B-4C51ED4D69DB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3555_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r134-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "9333068D-CE59-4644-879F-A1B29D07C26B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3555:-:*:*:*:*:*:*:*", + "matchCriteriaId": "282F6DB1-4B0F-424F-B5E4-0827F1E7EE6F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3560e_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r144-v2", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "9BF86940-89E4-4D3C-B51D-CF189B8B20A3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3560e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A3EB8694-DC56-4E35-9659-B2787F872E08" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3560s_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r144-v2", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "28EAFD3D-1697-42BA-941E-2970A1177302" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3560s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F9D2A4A4-B81E-4034-863D-900D95166543" + } + ] + } + ] + } + ], "references": [ { "url": "https://selinc.com/support/security-notifications/external-reports/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.nozominetworks.com/blog/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-311xx/CVE-2023-31157.json b/CVE-2023/CVE-2023-311xx/CVE-2023-31157.json index 29d1a87158f..cef56a6912e 100644 --- a/CVE-2023/CVE-2023-311xx/CVE-2023-31157.json +++ b/CVE-2023/CVE-2023-311xx/CVE-2023-31157.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31157", "sourceIdentifier": "security@selinc.com", "published": "2023-05-10T20:15:10.730", - "lastModified": "2023-05-11T13:36:30.643", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T17:26:09.377", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "security@selinc.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "security@selinc.com", "type": "Secondary", @@ -46,14 +76,312 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-2241_rtac_module_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "5D2D202A-9B85-4BA0-8FE4-A6F71F369E8D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-2241_rtac_module:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FE4A1AB9-1190-4620-BF97-4A5569E74310" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3350_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r148-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "490EC90A-C8C4-4AEA-90E8-DA1C6D11932C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3350:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FCA7F410-7F74-4EF1-913E-7B34674716DC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3505_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "65D15943-DDAB-446D-9179-CEEEF7EDA5BA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3505:-:*:*:*:*:*:*:*", + "matchCriteriaId": "14D78E73-46F2-4D00-A75B-909752E36EB4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3505-3_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "39E788ED-56DC-455E-B907-9DA7ED359CB9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3505-3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8A479C2B-F691-4E04-B551-9F631E5A2A0F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3530_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "B4821D90-2614-48D3-AFFC-B65C94E8968C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3530:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8E56BC08-9C49-4614-8F52-3413B804A128" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3530-4_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "0E6F4CFF-173F-4B68-8296-6F3713F98460" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3530-4:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB424E1B-2AE3-449E-9AA1-2AF48C1920FB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3532_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "A9982B6A-2CED-4EF4-946D-E4B8A8CE3935" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3532:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E573857F-C6DC-4E59-8F5B-4C51ED4D69DB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3555_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r134-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "9333068D-CE59-4644-879F-A1B29D07C26B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3555:-:*:*:*:*:*:*:*", + "matchCriteriaId": "282F6DB1-4B0F-424F-B5E4-0827F1E7EE6F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3560e_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r144-v2", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "9BF86940-89E4-4D3C-B51D-CF189B8B20A3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3560e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A3EB8694-DC56-4E35-9659-B2787F872E08" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3560s_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r144-v2", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "28EAFD3D-1697-42BA-941E-2970A1177302" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3560s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F9D2A4A4-B81E-4034-863D-900D95166543" + } + ] + } + ] + } + ], "references": [ { "url": "https://selinc.com/support/security-notifications/external-reports/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.nozominetworks.com/blog/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-311xx/CVE-2023-31158.json b/CVE-2023/CVE-2023-311xx/CVE-2023-31158.json index 5edeeac23d5..a00d5781b39 100644 --- a/CVE-2023/CVE-2023-311xx/CVE-2023-31158.json +++ b/CVE-2023/CVE-2023-311xx/CVE-2023-31158.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31158", "sourceIdentifier": "security@selinc.com", "published": "2023-05-10T20:15:10.823", - "lastModified": "2023-05-11T13:36:30.643", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T17:23:52.830", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "security@selinc.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "security@selinc.com", "type": "Secondary", @@ -46,14 +76,312 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-2241_rtac_module_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "5D2D202A-9B85-4BA0-8FE4-A6F71F369E8D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-2241_rtac_module:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FE4A1AB9-1190-4620-BF97-4A5569E74310" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3350_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r148-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "490EC90A-C8C4-4AEA-90E8-DA1C6D11932C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3350:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FCA7F410-7F74-4EF1-913E-7B34674716DC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3505_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "65D15943-DDAB-446D-9179-CEEEF7EDA5BA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3505:-:*:*:*:*:*:*:*", + "matchCriteriaId": "14D78E73-46F2-4D00-A75B-909752E36EB4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3505-3_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "39E788ED-56DC-455E-B907-9DA7ED359CB9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3505-3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8A479C2B-F691-4E04-B551-9F631E5A2A0F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3530_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "B4821D90-2614-48D3-AFFC-B65C94E8968C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3530:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8E56BC08-9C49-4614-8F52-3413B804A128" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3530-4_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "0E6F4CFF-173F-4B68-8296-6F3713F98460" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3530-4:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB424E1B-2AE3-449E-9AA1-2AF48C1920FB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3532_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "A9982B6A-2CED-4EF4-946D-E4B8A8CE3935" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3532:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E573857F-C6DC-4E59-8F5B-4C51ED4D69DB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3555_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r134-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "9333068D-CE59-4644-879F-A1B29D07C26B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3555:-:*:*:*:*:*:*:*", + "matchCriteriaId": "282F6DB1-4B0F-424F-B5E4-0827F1E7EE6F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3560e_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r144-v2", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "9BF86940-89E4-4D3C-B51D-CF189B8B20A3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3560e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A3EB8694-DC56-4E35-9659-B2787F872E08" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3560s_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r144-v2", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "28EAFD3D-1697-42BA-941E-2970A1177302" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3560s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F9D2A4A4-B81E-4034-863D-900D95166543" + } + ] + } + ] + } + ], "references": [ { "url": "https://selinc.com/support/security-notifications/external-reports/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.nozominetworks.com/blog/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-311xx/CVE-2023-31163.json b/CVE-2023/CVE-2023-311xx/CVE-2023-31163.json index 3b667f6ec7c..1d8a5bae1af 100644 --- a/CVE-2023/CVE-2023-311xx/CVE-2023-31163.json +++ b/CVE-2023/CVE-2023-311xx/CVE-2023-31163.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31163", "sourceIdentifier": "security@selinc.com", "published": "2023-05-10T20:15:11.263", - "lastModified": "2023-05-11T13:36:30.643", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T17:23:28.937", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "security@selinc.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "security@selinc.com", "type": "Secondary", @@ -46,14 +76,312 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-2241_rtac_module_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r113-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "92EC2190-5E06-429E-A06A-76571E7ED430" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-2241_rtac_module:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FE4A1AB9-1190-4620-BF97-4A5569E74310" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3350_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r148-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "490EC90A-C8C4-4AEA-90E8-DA1C6D11932C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3350:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FCA7F410-7F74-4EF1-913E-7B34674716DC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3505_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r119-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "2161BCBC-6892-47E6-9A9F-0A82F0AA6A92" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3505:-:*:*:*:*:*:*:*", + "matchCriteriaId": "14D78E73-46F2-4D00-A75B-909752E36EB4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3505-3_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "39E788ED-56DC-455E-B907-9DA7ED359CB9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3505-3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8A479C2B-F691-4E04-B551-9F631E5A2A0F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3530_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r100-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "4A438B8C-AD18-47F5-94BF-2484D778EA75" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3530:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8E56BC08-9C49-4614-8F52-3413B804A128" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3530-4_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r108-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "C48D1C36-0F34-4A95-88E2-B69DE8803AF7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3530-4:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB424E1B-2AE3-449E-9AA1-2AF48C1920FB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3532_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "A9982B6A-2CED-4EF4-946D-E4B8A8CE3935" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3532:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E573857F-C6DC-4E59-8F5B-4C51ED4D69DB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3555_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r134-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "9333068D-CE59-4644-879F-A1B29D07C26B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3555:-:*:*:*:*:*:*:*", + "matchCriteriaId": "282F6DB1-4B0F-424F-B5E4-0827F1E7EE6F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3560e_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r144-v2", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "9BF86940-89E4-4D3C-B51D-CF189B8B20A3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3560e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A3EB8694-DC56-4E35-9659-B2787F872E08" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3560s_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r144-v2", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "28EAFD3D-1697-42BA-941E-2970A1177302" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3560s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F9D2A4A4-B81E-4034-863D-900D95166543" + } + ] + } + ] + } + ], "references": [ { "url": "https://selinc.com/support/security-notifications/external-reports/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.nozominetworks.com/blog/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-311xx/CVE-2023-31164.json b/CVE-2023/CVE-2023-311xx/CVE-2023-31164.json index 1718a976910..f186aa1080c 100644 --- a/CVE-2023/CVE-2023-311xx/CVE-2023-31164.json +++ b/CVE-2023/CVE-2023-311xx/CVE-2023-31164.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31164", "sourceIdentifier": "security@selinc.com", "published": "2023-05-10T20:15:11.360", - "lastModified": "2023-05-11T13:36:30.643", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T17:14:29.607", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "security@selinc.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "security@selinc.com", "type": "Secondary", @@ -46,14 +76,312 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-2241_rtac_module_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r113-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "92EC2190-5E06-429E-A06A-76571E7ED430" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-2241_rtac_module:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FE4A1AB9-1190-4620-BF97-4A5569E74310" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3350_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r148-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "490EC90A-C8C4-4AEA-90E8-DA1C6D11932C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3350:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FCA7F410-7F74-4EF1-913E-7B34674716DC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3505_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r119-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "2161BCBC-6892-47E6-9A9F-0A82F0AA6A92" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3505:-:*:*:*:*:*:*:*", + "matchCriteriaId": "14D78E73-46F2-4D00-A75B-909752E36EB4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3505-3_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "39E788ED-56DC-455E-B907-9DA7ED359CB9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3505-3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8A479C2B-F691-4E04-B551-9F631E5A2A0F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3530_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r100-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "4A438B8C-AD18-47F5-94BF-2484D778EA75" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3530:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8E56BC08-9C49-4614-8F52-3413B804A128" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3530-4_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r108-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "C48D1C36-0F34-4A95-88E2-B69DE8803AF7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3530-4:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB424E1B-2AE3-449E-9AA1-2AF48C1920FB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3532_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "A9982B6A-2CED-4EF4-946D-E4B8A8CE3935" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3532:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E573857F-C6DC-4E59-8F5B-4C51ED4D69DB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3555_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r134-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "9333068D-CE59-4644-879F-A1B29D07C26B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3555:-:*:*:*:*:*:*:*", + "matchCriteriaId": "282F6DB1-4B0F-424F-B5E4-0827F1E7EE6F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3560e_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r144-v2", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "9BF86940-89E4-4D3C-B51D-CF189B8B20A3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3560e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A3EB8694-DC56-4E35-9659-B2787F872E08" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3560s_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r144-v2", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "28EAFD3D-1697-42BA-941E-2970A1177302" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3560s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F9D2A4A4-B81E-4034-863D-900D95166543" + } + ] + } + ] + } + ], "references": [ { "url": "https://selinc.com/support/security-notifications/external-reports/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.nozominetworks.com/blog/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-311xx/CVE-2023-31165.json b/CVE-2023/CVE-2023-311xx/CVE-2023-31165.json index 299d0822742..85b2e4aba0f 100644 --- a/CVE-2023/CVE-2023-311xx/CVE-2023-31165.json +++ b/CVE-2023/CVE-2023-311xx/CVE-2023-31165.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31165", "sourceIdentifier": "security@selinc.com", "published": "2023-05-10T20:15:11.440", - "lastModified": "2023-05-11T13:36:25.773", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T17:13:58.847", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "security@selinc.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "security@selinc.com", "type": "Secondary", @@ -46,14 +76,312 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-2241_rtac_module_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r113-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "92EC2190-5E06-429E-A06A-76571E7ED430" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-2241_rtac_module:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FE4A1AB9-1190-4620-BF97-4A5569E74310" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3350_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r148-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "490EC90A-C8C4-4AEA-90E8-DA1C6D11932C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3350:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FCA7F410-7F74-4EF1-913E-7B34674716DC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3505_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r119-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "2161BCBC-6892-47E6-9A9F-0A82F0AA6A92" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3505:-:*:*:*:*:*:*:*", + "matchCriteriaId": "14D78E73-46F2-4D00-A75B-909752E36EB4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3505-3_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "39E788ED-56DC-455E-B907-9DA7ED359CB9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3505-3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8A479C2B-F691-4E04-B551-9F631E5A2A0F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3530_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r100-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "4A438B8C-AD18-47F5-94BF-2484D778EA75" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3530:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8E56BC08-9C49-4614-8F52-3413B804A128" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3530-4_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r108-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "C48D1C36-0F34-4A95-88E2-B69DE8803AF7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3530-4:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB424E1B-2AE3-449E-9AA1-2AF48C1920FB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3532_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "A9982B6A-2CED-4EF4-946D-E4B8A8CE3935" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3532:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E573857F-C6DC-4E59-8F5B-4C51ED4D69DB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3555_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r134-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "9333068D-CE59-4644-879F-A1B29D07C26B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3555:-:*:*:*:*:*:*:*", + "matchCriteriaId": "282F6DB1-4B0F-424F-B5E4-0827F1E7EE6F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3560e_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r144-v2", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "9BF86940-89E4-4D3C-B51D-CF189B8B20A3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3560e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A3EB8694-DC56-4E35-9659-B2787F872E08" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3560s_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r144-v2", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "28EAFD3D-1697-42BA-941E-2970A1177302" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3560s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F9D2A4A4-B81E-4034-863D-900D95166543" + } + ] + } + ] + } + ], "references": [ { "url": "https://selinc.com/support/security-notifications/external-reports/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.nozominetworks.com/blog/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-311xx/CVE-2023-31166.json b/CVE-2023/CVE-2023-311xx/CVE-2023-31166.json index 633d6c75c80..af50ba3d754 100644 --- a/CVE-2023/CVE-2023-311xx/CVE-2023-31166.json +++ b/CVE-2023/CVE-2023-311xx/CVE-2023-31166.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31166", "sourceIdentifier": "security@selinc.com", "published": "2023-05-10T20:15:11.537", - "lastModified": "2023-05-11T13:36:25.773", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T17:11:11.257", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "security@selinc.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + }, { "source": "security@selinc.com", "type": "Secondary", @@ -46,14 +76,312 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-2241_rtac_module_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r126-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "9BAD3F78-6369-47E6-9E44-BB48BBFFC967" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-2241_rtac_module:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FE4A1AB9-1190-4620-BF97-4A5569E74310" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3350_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r148-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "490EC90A-C8C4-4AEA-90E8-DA1C6D11932C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3350:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FCA7F410-7F74-4EF1-913E-7B34674716DC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3505_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r126-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "BAA9CABD-D8C4-4B90-A08C-7FB7428723FA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3505:-:*:*:*:*:*:*:*", + "matchCriteriaId": "14D78E73-46F2-4D00-A75B-909752E36EB4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3505-3_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "39E788ED-56DC-455E-B907-9DA7ED359CB9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3505-3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8A479C2B-F691-4E04-B551-9F631E5A2A0F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3530_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r126-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "CAC9158A-E358-437E-9DE8-C0C98ABD5934" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3530:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8E56BC08-9C49-4614-8F52-3413B804A128" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3530-4_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r126-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "00FF1F6D-9562-4B44-B792-6555721AD81A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3530-4:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB424E1B-2AE3-449E-9AA1-2AF48C1920FB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3532_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "A9982B6A-2CED-4EF4-946D-E4B8A8CE3935" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3532:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E573857F-C6DC-4E59-8F5B-4C51ED4D69DB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3555_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r134-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "9333068D-CE59-4644-879F-A1B29D07C26B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3555:-:*:*:*:*:*:*:*", + "matchCriteriaId": "282F6DB1-4B0F-424F-B5E4-0827F1E7EE6F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3560e_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r144-v2", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "9BF86940-89E4-4D3C-B51D-CF189B8B20A3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3560e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A3EB8694-DC56-4E35-9659-B2787F872E08" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3560s_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r144-v2", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "28EAFD3D-1697-42BA-941E-2970A1177302" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3560s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F9D2A4A4-B81E-4034-863D-900D95166543" + } + ] + } + ] + } + ], "references": [ { "url": "https://selinc.com/support/security-notifications/external-reports/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.nozominetworks.com/blog/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-314xx/CVE-2023-31478.json b/CVE-2023/CVE-2023-314xx/CVE-2023-31478.json index 19490c90b7e..fda8600e133 100644 --- a/CVE-2023/CVE-2023-314xx/CVE-2023-31478.json +++ b/CVE-2023/CVE-2023-314xx/CVE-2023-31478.json @@ -2,23 +2,964 @@ "id": "CVE-2023-31478", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-09T23:15:09.940", - "lastModified": "2023-05-10T02:29:55.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T16:04:19.150", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered on GL.iNet devices before 3.216. An API endpoint reveals information about the Wi-Fi configuration, including the SSID and key." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-s20_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "9B0A4356-5F36-40FB-918F-F46EBC31445C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-s20:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B3C5203D-A4A1-42DA-81BA-6701024E86C1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-x3000_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "F6F88699-FE89-4E7C-85D3-B55568116CC1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-x3000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4521F491-9472-4511-9EA6-A6E2E429E306" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mt3000_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "AADA4620-98B7-4B68-9C0C-4C73685B0B3B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-mt3000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4D832083-488B-40F2-8D7A-66E917DF67F9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mt2500_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "4BFC3E12-5AC4-4C3F-86E1-1F6522090F91" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-mt2500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "88C600EF-AF68-45F0-B9C0-7ECA0D33179C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mt2500a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "3301C89D-C179-4DBE-91BA-9834D8AB1574" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-mt2500a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7E7A9451-E593-4429-BF4C-0B03851C09B7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-axt1800_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "5B79F7E4-7A5A-48EA-8B4F-1FF42681C9B0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-axt1800:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49448661-9D95-4218-B2FA-73610AA5523C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-a1300_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "C60CE3B3-2DEB-4707-A4E8-40262BE9CC22" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-a1300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2365517B-F8AF-490D-9282-36679EB484D2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-ax1800_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "FF71926B-3442-465A-8009-4CC49AF84065" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-ax1800:-:*:*:*:*:*:*:*", + "matchCriteriaId": "459CA3AD-7D9A-4E72-8847-9F989232CDCD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-sft1200_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "25F4A1AA-E898-4220-9C29-892AA199EB3C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-sft1200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AD353D31-AA76-4A03-AA33-B618A3E28E3A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mt1300_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "69DB6A57-60F5-4811-9371-E4FE40F6E6A0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-mt1300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "65A8D1C9-9EAE-4EDF-A1D4-D45E9EE65585" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-e750_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "1435C66B-38C7-4ECC-993D-F4EDD2853898" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-e750:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B5C88C24-42C5-4512-83B5-F7DED1D70E86" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mv1000_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "9F3A14CF-4A49-4D82-B665-C56D8D98E6AE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-mv1000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "64F0FB60-564D-492A-BF60-AEE3FDD33CEA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mv1000w_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "CA8C1CAE-1ABA-438E-AB60-0ECAD46DBFEA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-mv1000w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E736B698-B40F-490C-A994-E3F89EBD764F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-s10_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "3DF83156-A2BB-4081-A701-4AF613DBC2BB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-s10:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8B182C20-3D15-4753-9A96-BF9F7F778CE7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-s200_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "13CCF94F-675C-42C9-9849-C214A66EDDDB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-s200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "54BAA0C6-0A44-4C67-9C9D-DC5D04434D04" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-s1300_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "8B689F84-726F-433B-8288-FC03B2018672" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-s1300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D6D5F40B-93A6-486F-8575-3DAAAC324B93" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-sf1200_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "01E0F8DB-0B4C-4EE9-AD20-1353D44C5163" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-sf1200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1E7DDA65-A3AE-4769-A6FF-3878ECA45DC1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-b1300_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "59A98C79-93E2-4E90-B5C0-C64E11F13952" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-b1300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "10D84ECB-35CB-42B0-B925-8B631C235CC2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-b2200_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "2BE77DD2-EC55-432F-AEB5-7080CAEB2E8D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-b2200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "83560162-69E2-4E4C-8220-72455FAB45C3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-ap1300_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "8F690433-A66B-4EF4-82A6-53DB7DAC28B1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-ap1300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "555437D1-E216-4A0B-812A-29683D662D4C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-ap1300lte_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "84F959D3-DE3B-498B-920E-B3937E9722E9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-ap1300lte:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C5FBDA79-D693-47C6-9A3A-12923B415722" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-x1200_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "9350E6E0-D5B0-4771-B3E9-2D32595B34E1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-x1200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E50D1D1D-F363-4B77-BD4B-64B111D40603" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-x750_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "13E0A95F-C2ED-4013-A799-897882F2DF97" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-x750:-:*:*:*:*:*:*:*", + "matchCriteriaId": "17F0F848-0A3A-43CB-A766-71FD37CADF1B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-x300b_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "B361B182-C97B-4F68-A7DE-8DA7F2E809EC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-x300b:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7F6C489C-C1DF-4D8B-9554-0F03E329AABB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-xe300_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "99E0D394-EF3E-4D41-A2AB-9288C4D9351F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-xe300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B11C2B97-A528-4BA9-9E46-293715A2BC21" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-ar750s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "4F49F121-78E5-4256-AE49-1CABE9E09402" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-ar750s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8C939D70-5353-43B7-AEF9-8F1D784DD4EF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-ar750_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "C14588E5-B00D-4FAF-84DA-CE190E1A88AE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-ar750:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6FE176E8-8CB1-429B-9B3B-E1F58EC0C8F5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mifi_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "ED6628FC-28A1-42C9-9B17-9FA5F8F0E670" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-mifi:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1B9DB815-57A6-45F4-A68D-3507C3EE383E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-mt300n-v2_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "7BDF9205-45B2-4AC3-9997-2666FD0231E7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-mt300n-v2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EA4A042E-2C80-4EF9-93CA-D2756216BB0C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-ar300m_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "8D22AEE4-C757-42E8-AFA2-DB0F07883E55" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-ar300m:-:*:*:*:*:*:*:*", + "matchCriteriaId": "10C965DA-2D49-4ED6-B028-3A23164EDC14" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:gl-usb150_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "32540966-8B83-4D32-9B64-FA4F6C8C461F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:gl-usb150:-:*:*:*:*:*:*:*", + "matchCriteriaId": "322804A7-CE99-41E8-90DA-B60BE85F9449" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:gl-inet:microuter-n300_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.216", + "matchCriteriaId": "8FF61490-908B-41CD-9DB4-EDD7B937828C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:gl-inet:microuter-n300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "13BEA3DD-0633-4F0B-97E0-C544C8232E3D" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/gl-inet/CVE-issues/blob/main/3.215/SSID_Key_Disclosure.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] }, { "url": "https://www.gl-inet.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-315xx/CVE-2023-31554.json b/CVE-2023/CVE-2023-315xx/CVE-2023-31554.json index 84d4087bb1d..97dbce77278 100644 --- a/CVE-2023/CVE-2023-315xx/CVE-2023-31554.json +++ b/CVE-2023/CVE-2023-315xx/CVE-2023-31554.json @@ -2,19 +2,74 @@ "id": "CVE-2023-31554", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-10T16:15:12.263", - "lastModified": "2023-05-10T17:06:24.873", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T17:56:30.120", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "xpdf pdfimages v4.04 was discovered to contain a stack overflow in the component Catalog::readPageLabelTree2(Object*). This vulnerability allows attackers to cause a Denial of Service (DoS)." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:glyphandcog:pdfimages:4.04:*:*:*:*:*:*:*", + "matchCriteriaId": "30F81024-7899-4E48-9D12-AFF61E1A75B0" + } + ] + } + ] + } + ], "references": [ { "url": "https://forum.xpdfreader.com/viewtopic.php?t=42421", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-316xx/CVE-2023-31698.json b/CVE-2023/CVE-2023-316xx/CVE-2023-31698.json index 87ab6e4aa53..13754038a46 100644 --- a/CVE-2023/CVE-2023-316xx/CVE-2023-31698.json +++ b/CVE-2023/CVE-2023-316xx/CVE-2023-31698.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31698", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-17T13:15:09.463", - "lastModified": "2023-05-17T13:15:09.463", - "vulnStatus": "Received", + "lastModified": "2023-05-17T17:00:54.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-316xx/CVE-2023-31699.json b/CVE-2023/CVE-2023-316xx/CVE-2023-31699.json index e7d24a88d34..316c076957f 100644 --- a/CVE-2023/CVE-2023-316xx/CVE-2023-31699.json +++ b/CVE-2023/CVE-2023-316xx/CVE-2023-31699.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31699", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-17T13:15:09.517", - "lastModified": "2023-05-17T13:15:09.517", - "vulnStatus": "Received", + "lastModified": "2023-05-17T17:00:54.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-317xx/CVE-2023-31700.json b/CVE-2023/CVE-2023-317xx/CVE-2023-31700.json index bdafc8eae58..e1ae037b5d9 100644 --- a/CVE-2023/CVE-2023-317xx/CVE-2023-31700.json +++ b/CVE-2023/CVE-2023-317xx/CVE-2023-31700.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31700", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-17T14:15:09.323", - "lastModified": "2023-05-17T14:15:09.323", - "vulnStatus": "Received", + "lastModified": "2023-05-17T17:00:54.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-317xx/CVE-2023-31701.json b/CVE-2023/CVE-2023-317xx/CVE-2023-31701.json index c1a835b9b83..c6809ed6884 100644 --- a/CVE-2023/CVE-2023-317xx/CVE-2023-31701.json +++ b/CVE-2023/CVE-2023-317xx/CVE-2023-31701.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31701", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-17T14:15:09.383", - "lastModified": "2023-05-17T14:15:09.383", - "vulnStatus": "Received", + "lastModified": "2023-05-17T17:00:54.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-317xx/CVE-2023-31702.json b/CVE-2023/CVE-2023-317xx/CVE-2023-31702.json index 36a4ebdb673..7c45f44d9b6 100644 --- a/CVE-2023/CVE-2023-317xx/CVE-2023-31702.json +++ b/CVE-2023/CVE-2023-317xx/CVE-2023-31702.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31702", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-17T13:15:09.567", - "lastModified": "2023-05-17T13:15:09.567", - "vulnStatus": "Received", + "lastModified": "2023-05-17T17:00:54.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-317xx/CVE-2023-31703.json b/CVE-2023/CVE-2023-317xx/CVE-2023-31703.json index 1eeac190de0..84e7e23ba60 100644 --- a/CVE-2023/CVE-2023-317xx/CVE-2023-31703.json +++ b/CVE-2023/CVE-2023-317xx/CVE-2023-31703.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31703", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-17T13:15:09.617", - "lastModified": "2023-05-17T13:15:09.617", - "vulnStatus": "Received", + "lastModified": "2023-05-17T17:00:54.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-317xx/CVE-2023-31722.json b/CVE-2023/CVE-2023-317xx/CVE-2023-31722.json index 78d894e0064..32e6f168d3c 100644 --- a/CVE-2023/CVE-2023-317xx/CVE-2023-31722.json +++ b/CVE-2023/CVE-2023-317xx/CVE-2023-31722.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31722", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-17T14:15:09.423", - "lastModified": "2023-05-17T14:15:09.423", - "vulnStatus": "Received", + "lastModified": "2023-05-17T17:00:54.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-317xx/CVE-2023-31723.json b/CVE-2023/CVE-2023-317xx/CVE-2023-31723.json index 79816d4a74b..fafd3452525 100644 --- a/CVE-2023/CVE-2023-317xx/CVE-2023-31723.json +++ b/CVE-2023/CVE-2023-317xx/CVE-2023-31723.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31723", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-17T15:15:08.873", - "lastModified": "2023-05-17T15:15:08.873", - "vulnStatus": "Received", + "lastModified": "2023-05-17T17:00:54.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-317xx/CVE-2023-31724.json b/CVE-2023/CVE-2023-317xx/CVE-2023-31724.json index e106c9051ee..e1d6615eeec 100644 --- a/CVE-2023/CVE-2023-317xx/CVE-2023-31724.json +++ b/CVE-2023/CVE-2023-317xx/CVE-2023-31724.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31724", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-17T15:15:08.917", - "lastModified": "2023-05-17T15:15:08.917", - "vulnStatus": "Received", + "lastModified": "2023-05-17T17:00:54.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-317xx/CVE-2023-31725.json b/CVE-2023/CVE-2023-317xx/CVE-2023-31725.json index 2976f93095d..e3ebe9194a6 100644 --- a/CVE-2023/CVE-2023-317xx/CVE-2023-31725.json +++ b/CVE-2023/CVE-2023-317xx/CVE-2023-31725.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31725", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-17T15:15:08.957", - "lastModified": "2023-05-17T15:15:08.957", - "vulnStatus": "Received", + "lastModified": "2023-05-17T17:00:54.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-319xx/CVE-2023-31902.json b/CVE-2023/CVE-2023-319xx/CVE-2023-31902.json index 54cec958a74..748f9e5472a 100644 --- a/CVE-2023/CVE-2023-319xx/CVE-2023-31902.json +++ b/CVE-2023/CVE-2023-319xx/CVE-2023-31902.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31902", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-17T13:15:09.667", - "lastModified": "2023-05-17T13:15:09.667", - "vulnStatus": "Received", + "lastModified": "2023-05-17T17:00:54.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-319xx/CVE-2023-31903.json b/CVE-2023/CVE-2023-319xx/CVE-2023-31903.json index e4b0c3b1286..41b0090823c 100644 --- a/CVE-2023/CVE-2023-319xx/CVE-2023-31903.json +++ b/CVE-2023/CVE-2023-319xx/CVE-2023-31903.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31903", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-17T13:15:09.720", - "lastModified": "2023-05-17T13:15:09.720", - "vulnStatus": "Received", + "lastModified": "2023-05-17T17:00:54.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-319xx/CVE-2023-31904.json b/CVE-2023/CVE-2023-319xx/CVE-2023-31904.json index 74d43b7e0e1..1f7d2cb9f83 100644 --- a/CVE-2023/CVE-2023-319xx/CVE-2023-31904.json +++ b/CVE-2023/CVE-2023-319xx/CVE-2023-31904.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31904", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-17T13:15:09.777", - "lastModified": "2023-05-17T13:15:09.777", - "vulnStatus": "Received", + "lastModified": "2023-05-17T17:00:54.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-319xx/CVE-2023-31908.json b/CVE-2023/CVE-2023-319xx/CVE-2023-31908.json index 128dc9e02cc..b8ac6f73fbc 100644 --- a/CVE-2023/CVE-2023-319xx/CVE-2023-31908.json +++ b/CVE-2023/CVE-2023-319xx/CVE-2023-31908.json @@ -2,19 +2,76 @@ "id": "CVE-2023-31908", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-10T15:15:10.533", - "lastModified": "2023-05-10T15:26:03.940", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T17:47:22.840", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component ecma_builtin_typedarray_prototype_sort." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jerryscript:jerryscript:3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "6DB8D818-8F21-4FD3-8D4D-A024A6346CB4" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/jerryscript-project/jerryscript/issues/5067", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-319xx/CVE-2023-31910.json b/CVE-2023/CVE-2023-319xx/CVE-2023-31910.json index 1fe37d49467..0a750c20484 100644 --- a/CVE-2023/CVE-2023-319xx/CVE-2023-31910.json +++ b/CVE-2023/CVE-2023-319xx/CVE-2023-31910.json @@ -2,19 +2,76 @@ "id": "CVE-2023-31910", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-10T15:15:10.697", - "lastModified": "2023-05-10T15:26:03.940", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T17:49:55.873", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component parser_parse_function_statement at /jerry-core/parser/js/js-parser-statm.c." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jerryscript:jerryscript:3.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "B1A23519-19ED-4F75-9CAA-42057F88EDE5" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/jerryscript-project/jerryscript/issues/5076", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-325xx/CVE-2023-32573.json b/CVE-2023/CVE-2023-325xx/CVE-2023-32573.json index fee016a5edb..ebba34f0235 100644 --- a/CVE-2023/CVE-2023-325xx/CVE-2023-32573.json +++ b/CVE-2023/CVE-2023-325xx/CVE-2023-32573.json @@ -2,19 +2,89 @@ "id": "CVE-2023-32573", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-10T06:15:19.070", - "lastModified": "2023-05-10T13:06:16.563", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T16:56:07.567", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-369" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.15.14", + "matchCriteriaId": "006030F9-35BF-489D-8C3F-14ECF93518C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.0.0", + "versionEndExcluding": "6.2.9", + "matchCriteriaId": "513DDB0D-A132-4046-8B49-D2776E585826" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.3.0", + "versionEndExcluding": "6.5.1", + "matchCriteriaId": "116DC3F0-630E-43F6-AD19-0ABB41CF3D70" + } + ] + } + ] + } + ], "references": [ { "url": "https://codereview.qt-project.org/c/qt/qtsvg/+/474093", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 0cd69dcb305..f3b0d434807 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-05-17T16:00:34.046651+00:00 +2023-05-17T18:00:35.205182+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-05-17T15:54:19.420000+00:00 +2023-05-17T17:56:30.120000+00:00 ``` ### Last Data Feed Release @@ -29,34 +29,48 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -215530 +215534 ``` ### CVEs added in the last Commit -Recently added CVEs: `6` +Recently added CVEs: `4` -* [CVE-2023-31700](CVE-2023/CVE-2023-317xx/CVE-2023-31700.json) (`2023-05-17T14:15:09.323`) -* [CVE-2023-31701](CVE-2023/CVE-2023-317xx/CVE-2023-31701.json) (`2023-05-17T14:15:09.383`) -* [CVE-2023-31722](CVE-2023/CVE-2023-317xx/CVE-2023-31722.json) (`2023-05-17T14:15:09.423`) -* [CVE-2023-31723](CVE-2023/CVE-2023-317xx/CVE-2023-31723.json) (`2023-05-17T15:15:08.873`) -* [CVE-2023-31724](CVE-2023/CVE-2023-317xx/CVE-2023-31724.json) (`2023-05-17T15:15:08.917`) -* [CVE-2023-31725](CVE-2023/CVE-2023-317xx/CVE-2023-31725.json) (`2023-05-17T15:15:08.957`) +* [CVE-2023-22348](CVE-2023/CVE-2023-223xx/CVE-2023-22348.json) (`2023-05-17T16:15:09.110`) +* [CVE-2023-2765](CVE-2023/CVE-2023-27xx/CVE-2023-2765.json) (`2023-05-17T17:15:17.363`) +* [CVE-2023-2766](CVE-2023/CVE-2023-27xx/CVE-2023-2766.json) (`2023-05-17T17:15:17.443`) +* [CVE-2023-2768](CVE-2023/CVE-2023-27xx/CVE-2023-2768.json) (`2023-05-17T17:15:17.523`) ### CVEs modified in the last Commit -Recently modified CVEs: `9` +Recently modified CVEs: `122` -* [CVE-2021-31711](CVE-2021/CVE-2021-317xx/CVE-2021-31711.json) (`2023-05-17T14:34:05.743`) -* [CVE-2022-4008](CVE-2022/CVE-2022-40xx/CVE-2022-4008.json) (`2023-05-17T14:42:11.513`) -* [CVE-2023-27973](CVE-2023/CVE-2023-279xx/CVE-2023-27973.json) (`2023-05-17T14:53:00.670`) -* [CVE-2023-28316](CVE-2023/CVE-2023-283xx/CVE-2023-28316.json) (`2023-05-17T14:55:34.737`) -* [CVE-2023-30837](CVE-2023/CVE-2023-308xx/CVE-2023-30837.json) (`2023-05-17T15:11:27.660`) -* [CVE-2023-30860](CVE-2023/CVE-2023-308xx/CVE-2023-30860.json) (`2023-05-17T15:15:37.447`) -* [CVE-2023-22441](CVE-2023/CVE-2023-224xx/CVE-2023-22441.json) (`2023-05-17T15:37:23.017`) -* [CVE-2023-2617](CVE-2023/CVE-2023-26xx/CVE-2023-2617.json) (`2023-05-17T15:52:34.300`) -* [CVE-2023-2618](CVE-2023/CVE-2023-26xx/CVE-2023-2618.json) (`2023-05-17T15:54:19.420`) +* [CVE-2023-31903](CVE-2023/CVE-2023-319xx/CVE-2023-31903.json) (`2023-05-17T17:00:54.967`) +* [CVE-2023-31904](CVE-2023/CVE-2023-319xx/CVE-2023-31904.json) (`2023-05-17T17:00:54.967`) +* [CVE-2023-31700](CVE-2023/CVE-2023-317xx/CVE-2023-31700.json) (`2023-05-17T17:00:54.967`) +* [CVE-2023-31701](CVE-2023/CVE-2023-317xx/CVE-2023-31701.json) (`2023-05-17T17:00:54.967`) +* [CVE-2023-31722](CVE-2023/CVE-2023-317xx/CVE-2023-31722.json) (`2023-05-17T17:00:54.967`) +* [CVE-2023-31723](CVE-2023/CVE-2023-317xx/CVE-2023-31723.json) (`2023-05-17T17:00:54.967`) +* [CVE-2023-31724](CVE-2023/CVE-2023-317xx/CVE-2023-31724.json) (`2023-05-17T17:00:54.967`) +* [CVE-2023-31725](CVE-2023/CVE-2023-317xx/CVE-2023-31725.json) (`2023-05-17T17:00:54.967`) +* [CVE-2023-1732](CVE-2023/CVE-2023-17xx/CVE-2023-1732.json) (`2023-05-17T17:04:45.347`) +* [CVE-2023-2479](CVE-2023/CVE-2023-24xx/CVE-2023-2479.json) (`2023-05-17T17:05:52.643`) +* [CVE-2023-21968](CVE-2023/CVE-2023-219xx/CVE-2023-21968.json) (`2023-05-17T17:06:35.360`) +* [CVE-2023-28858](CVE-2023/CVE-2023-288xx/CVE-2023-28858.json) (`2023-05-17T17:07:38.017`) +* [CVE-2023-28859](CVE-2023/CVE-2023-288xx/CVE-2023-28859.json) (`2023-05-17T17:08:20.883`) +* [CVE-2023-31166](CVE-2023/CVE-2023-311xx/CVE-2023-31166.json) (`2023-05-17T17:11:11.257`) +* [CVE-2023-31165](CVE-2023/CVE-2023-311xx/CVE-2023-31165.json) (`2023-05-17T17:13:58.847`) +* [CVE-2023-31164](CVE-2023/CVE-2023-311xx/CVE-2023-31164.json) (`2023-05-17T17:14:29.607`) +* [CVE-2023-2745](CVE-2023/CVE-2023-27xx/CVE-2023-2745.json) (`2023-05-17T17:15:17.267`) +* [CVE-2023-2629](CVE-2023/CVE-2023-26xx/CVE-2023-2629.json) (`2023-05-17T17:15:23.327`) +* [CVE-2023-31163](CVE-2023/CVE-2023-311xx/CVE-2023-31163.json) (`2023-05-17T17:23:28.937`) +* [CVE-2023-31158](CVE-2023/CVE-2023-311xx/CVE-2023-31158.json) (`2023-05-17T17:23:52.830`) +* [CVE-2023-31157](CVE-2023/CVE-2023-311xx/CVE-2023-31157.json) (`2023-05-17T17:26:09.377`) +* [CVE-2023-31908](CVE-2023/CVE-2023-319xx/CVE-2023-31908.json) (`2023-05-17T17:47:22.840`) +* [CVE-2023-31156](CVE-2023/CVE-2023-311xx/CVE-2023-31156.json) (`2023-05-17T17:47:55.157`) +* [CVE-2023-31910](CVE-2023/CVE-2023-319xx/CVE-2023-31910.json) (`2023-05-17T17:49:55.873`) +* [CVE-2023-31554](CVE-2023/CVE-2023-315xx/CVE-2023-31554.json) (`2023-05-17T17:56:30.120`) ## Download and Usage