diff --git a/CVE-2022/CVE-2022-329xx/CVE-2022-32919.json b/CVE-2022/CVE-2022-329xx/CVE-2022-32919.json index 74a0a35d4cf..14305b689b3 100644 --- a/CVE-2022/CVE-2022-329xx/CVE-2022-32919.json +++ b/CVE-2022/CVE-2022-329xx/CVE-2022-32919.json @@ -2,8 +2,8 @@ "id": "CVE-2022-32919", "sourceIdentifier": "product-security@apple.com", "published": "2024-01-10T22:15:47.173", - "lastModified": "2024-01-11T13:57:35.163", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T18:23:36.687", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,15 +14,88 @@ "value": "El problema se solucion\u00f3 mejorando el manejo de la interfaz de usuario. Este problema se solucion\u00f3 en iOS 16.2 y iPadOS 16.2, macOS Ventura 13.1. Visitar un sitio web que enmarque contenido malicioso puede provocar una suplantaci\u00f3n de la interfaz de usuario." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-1021" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.2", + "matchCriteriaId": "89495791-675B-413C-A86D-ECBADF4EDC4E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.2", + "matchCriteriaId": "6B1B6657-43F5-4F0E-BE5C-5D828DEE066F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "13.1", + "matchCriteriaId": "D7457023-5C4E-4935-826D-A411B0324092" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213530", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213532", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-329xx/CVE-2022-32931.json b/CVE-2022/CVE-2022-329xx/CVE-2022-32931.json index 46df806ef96..2fe852977c2 100644 --- a/CVE-2022/CVE-2022-329xx/CVE-2022-32931.json +++ b/CVE-2022/CVE-2022-329xx/CVE-2022-32931.json @@ -2,8 +2,8 @@ "id": "CVE-2022-32931", "sourceIdentifier": "product-security@apple.com", "published": "2024-01-10T22:15:47.240", - "lastModified": "2024-01-11T13:57:35.163", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T18:10:19.543", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,68 @@ "value": "Este problema se solucion\u00f3 mejorando la protecci\u00f3n de datos. Este problema se solucion\u00f3 en macOS Ventura 13. Una aplicaci\u00f3n con privilegios de root puede acceder a informaci\u00f3n privada." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "13.0", + "matchCriteriaId": "71E032AD-F827-4944-9699-BB1E6D4233FC" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213488", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-364xx/CVE-2022-36418.json b/CVE-2022/CVE-2022-364xx/CVE-2022-36418.json index dd5b5caae12..383b52b83be 100644 --- a/CVE-2022/CVE-2022-364xx/CVE-2022-36418.json +++ b/CVE-2022/CVE-2022-364xx/CVE-2022-36418.json @@ -2,8 +2,8 @@ "id": "CVE-2022-36418", "sourceIdentifier": "audit@patchstack.com", "published": "2024-01-17T16:15:45.817", - "lastModified": "2024-01-17T16:15:45.817", - "vulnStatus": "Received", + "lastModified": "2024-01-17T17:35:08.140", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-381xx/CVE-2022-38141.json b/CVE-2022/CVE-2022-381xx/CVE-2022-38141.json index 9add9816f1f..48590880303 100644 --- a/CVE-2022/CVE-2022-381xx/CVE-2022-38141.json +++ b/CVE-2022/CVE-2022-381xx/CVE-2022-38141.json @@ -2,8 +2,8 @@ "id": "CVE-2022-38141", "sourceIdentifier": "audit@patchstack.com", "published": "2024-01-17T16:15:46.033", - "lastModified": "2024-01-17T16:15:46.033", - "vulnStatus": "Received", + "lastModified": "2024-01-17T17:35:08.140", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-402xx/CVE-2022-40203.json b/CVE-2022/CVE-2022-402xx/CVE-2022-40203.json index dd526e35bcb..e3c74940de4 100644 --- a/CVE-2022/CVE-2022-402xx/CVE-2022-40203.json +++ b/CVE-2022/CVE-2022-402xx/CVE-2022-40203.json @@ -2,8 +2,8 @@ "id": "CVE-2022-40203", "sourceIdentifier": "audit@patchstack.com", "published": "2024-01-17T16:15:46.230", - "lastModified": "2024-01-17T16:15:46.230", - "vulnStatus": "Received", + "lastModified": "2024-01-17T17:35:08.140", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-407xx/CVE-2022-40702.json b/CVE-2022/CVE-2022-407xx/CVE-2022-40702.json new file mode 100644 index 00000000000..d3cdfc95d5d --- /dev/null +++ b/CVE-2022/CVE-2022-407xx/CVE-2022-40702.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2022-40702", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-01-17T17:15:09.120", + "lastModified": "2024-01-17T17:35:02.713", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Zorem Advanced Local Pickup for WooCommerce.This issue affects Advanced Local Pickup for WooCommerce: from n/a through 1.5.2.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/advanced-local-pickup-for-woocommerce/wordpress-advanced-local-pickup-for-woocommerce-plugin-1-5-2-broken-access-control?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-416xx/CVE-2022-41619.json b/CVE-2022/CVE-2022-416xx/CVE-2022-41619.json new file mode 100644 index 00000000000..1e5f463c739 --- /dev/null +++ b/CVE-2022/CVE-2022-416xx/CVE-2022-41619.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2022-41619", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-01-17T17:15:09.333", + "lastModified": "2024-01-17T17:35:02.713", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in SedLex Image Zoom.This issue affects Image Zoom: from n/a through 1.8.8.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/image-zoom/wordpress-image-zoom-plugin-1-8-8-multiple-broken-access-control-vulnerabilities?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-416xx/CVE-2022-41695.json b/CVE-2022/CVE-2022-416xx/CVE-2022-41695.json new file mode 100644 index 00000000000..504b7d96876 --- /dev/null +++ b/CVE-2022/CVE-2022-416xx/CVE-2022-41695.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2022-41695", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-01-17T17:15:09.550", + "lastModified": "2024-01-17T17:35:02.713", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in SedLex Traffic Manager.This issue affects Traffic Manager: from n/a through 1.4.5.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/traffic-manager/wordpress-traffic-manager-plugin-1-4-5-multiple-vulnerabilities?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-417xx/CVE-2022-41786.json b/CVE-2022/CVE-2022-417xx/CVE-2022-41786.json new file mode 100644 index 00000000000..70fc4b7ac97 --- /dev/null +++ b/CVE-2022/CVE-2022-417xx/CVE-2022-41786.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2022-41786", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-01-17T18:15:45.000", + "lastModified": "2024-01-17T18:15:45.000", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in WP Job Portal WP Job Portal \u2013 A Complete Job Board.This issue affects WP Job Portal \u2013 A Complete Job Board: from n/a through 2.0.1.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-job-portal/wordpress-wp-job-portal-plugin-1-1-9-unauthorized-plugin-settings-change-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-417xx/CVE-2022-41790.json b/CVE-2022/CVE-2022-417xx/CVE-2022-41790.json new file mode 100644 index 00000000000..c5f458a9607 --- /dev/null +++ b/CVE-2022/CVE-2022-417xx/CVE-2022-41790.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2022-41790", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-01-17T18:15:45.207", + "lastModified": "2024-01-17T18:15:45.207", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form.This issue affects WP Time Slots Booking Form: from n/a through 1.1.76.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-time-slots-booking-form/wordpress-wp-time-slots-booking-form-plugin-1-1-76-missing-authorization-leading-to-feedback-submission-vulnerability", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-419xx/CVE-2022-41990.json b/CVE-2022/CVE-2022-419xx/CVE-2022-41990.json new file mode 100644 index 00000000000..48cee69f529 --- /dev/null +++ b/CVE-2022/CVE-2022-419xx/CVE-2022-41990.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2022-41990", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-01-17T17:15:09.757", + "lastModified": "2024-01-17T17:35:02.713", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Vinoj Cardoza 3D Tag Cloud allows Stored XSS.This issue affects 3D Tag Cloud: from n/a through 3.8.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/cardoza-3d-tag-cloud/wordpress-3d-tag-cloud-plugin-3-8-stored-cross-site-scripting-xss-via-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-428xx/CVE-2022-42816.json b/CVE-2022/CVE-2022-428xx/CVE-2022-42816.json index 4b080c44eb6..7ebb8f8b8b8 100644 --- a/CVE-2022/CVE-2022-428xx/CVE-2022-42816.json +++ b/CVE-2022/CVE-2022-428xx/CVE-2022-42816.json @@ -2,8 +2,8 @@ "id": "CVE-2022-42816", "sourceIdentifier": "product-security@apple.com", "published": "2024-01-10T22:15:47.290", - "lastModified": "2024-01-11T13:57:35.163", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T18:09:58.430", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,68 @@ "value": "Se abord\u00f3 una cuesti\u00f3n de l\u00f3gica con una mejor gesti\u00f3n estatal. Este problema se solucion\u00f3 en macOS Ventura 13. Es posible que una aplicaci\u00f3n pueda modificar partes protegidas del sistema de archivos." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "13.0", + "matchCriteriaId": "71E032AD-F827-4944-9699-BB1E6D4233FC" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213488", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-428xx/CVE-2022-42839.json b/CVE-2022/CVE-2022-428xx/CVE-2022-42839.json index c12e1f35285..a38b5bd6c04 100644 --- a/CVE-2022/CVE-2022-428xx/CVE-2022-42839.json +++ b/CVE-2022/CVE-2022-428xx/CVE-2022-42839.json @@ -2,8 +2,8 @@ "id": "CVE-2022-42839", "sourceIdentifier": "product-security@apple.com", "published": "2024-01-10T22:15:47.330", - "lastModified": "2024-01-11T13:57:35.163", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T18:09:35.847", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,15 +14,88 @@ "value": "Este problema se solucion\u00f3 mejorando la redacci\u00f3n de informaci\u00f3n confidencial. Este problema se solucion\u00f3 en iOS 16.2 y iPadOS 16.2, macOS Ventura 13.1. Es posible que una aplicaci\u00f3n pueda leer informaci\u00f3n confidencial de ubicaci\u00f3n." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.3, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.2", + "matchCriteriaId": "89495791-675B-413C-A86D-ECBADF4EDC4E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.2", + "matchCriteriaId": "6B1B6657-43F5-4F0E-BE5C-5D828DEE066F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "13.1", + "matchCriteriaId": "D7457023-5C4E-4935-826D-A411B0324092" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213530", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213532", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-467xx/CVE-2022-46710.json b/CVE-2022/CVE-2022-467xx/CVE-2022-46710.json index 572f511dd5b..93eba1757bf 100644 --- a/CVE-2022/CVE-2022-467xx/CVE-2022-46710.json +++ b/CVE-2022/CVE-2022-467xx/CVE-2022-46710.json @@ -2,8 +2,8 @@ "id": "CVE-2022-46710", "sourceIdentifier": "product-security@apple.com", "published": "2024-01-10T22:15:47.380", - "lastModified": "2024-01-11T13:57:35.163", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T17:50:45.993", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,15 +14,88 @@ "value": "Se solucion\u00f3 un problema de l\u00f3gica con controles mejorados. Este problema se solucion\u00f3 en iOS 16.2 y iPadOS 16.2, macOS Ventura 13.1. Los datos de Location se pueden compartir a trav\u00e9s de enlaces de iCloud incluso si los metadatos de Location est\u00e1n deshabilitados a trav\u00e9s de Share Sheet." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.2", + "matchCriteriaId": "89495791-675B-413C-A86D-ECBADF4EDC4E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.2", + "matchCriteriaId": "6B1B6657-43F5-4F0E-BE5C-5D828DEE066F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "13.1", + "matchCriteriaId": "D7457023-5C4E-4935-826D-A411B0324092" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213530", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213532", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-467xx/CVE-2022-46721.json b/CVE-2022/CVE-2022-467xx/CVE-2022-46721.json index 270f7762a91..3564e125e41 100644 --- a/CVE-2022/CVE-2022-467xx/CVE-2022-46721.json +++ b/CVE-2022/CVE-2022-467xx/CVE-2022-46721.json @@ -2,8 +2,8 @@ "id": "CVE-2022-46721", "sourceIdentifier": "product-security@apple.com", "published": "2024-01-10T22:15:47.430", - "lastModified": "2024-01-11T13:57:35.163", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T17:40:40.553", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,68 @@ "value": "El problema se solucion\u00f3 mejorando el manejo de la memoria. Este problema se solucion\u00f3 en macOS Ventura 13. Es posible que una aplicaci\u00f3n pueda ejecutar c\u00f3digo arbitrario con privilegios del kernel." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "13.0", + "matchCriteriaId": "71E032AD-F827-4944-9699-BB1E6D4233FC" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213488", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-479xx/CVE-2022-47915.json b/CVE-2022/CVE-2022-479xx/CVE-2022-47915.json index e38a303ead6..7c2c8f65845 100644 --- a/CVE-2022/CVE-2022-479xx/CVE-2022-47915.json +++ b/CVE-2022/CVE-2022-479xx/CVE-2022-47915.json @@ -2,8 +2,8 @@ "id": "CVE-2022-47915", "sourceIdentifier": "product-security@apple.com", "published": "2024-01-10T22:15:47.473", - "lastModified": "2024-01-11T13:57:35.163", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T17:42:27.767", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,68 @@ "value": "El problema se solucion\u00f3 mejorando el manejo de la memoria. Este problema se solucion\u00f3 en macOS Ventura 13. Es posible que una aplicaci\u00f3n pueda ejecutar c\u00f3digo arbitrario con privilegios del kernel." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "13.0", + "matchCriteriaId": "71E032AD-F827-4944-9699-BB1E6D4233FC" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213488", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-479xx/CVE-2022-47965.json b/CVE-2022/CVE-2022-479xx/CVE-2022-47965.json index 509c6b86db1..04ad89cf920 100644 --- a/CVE-2022/CVE-2022-479xx/CVE-2022-47965.json +++ b/CVE-2022/CVE-2022-479xx/CVE-2022-47965.json @@ -2,8 +2,8 @@ "id": "CVE-2022-47965", "sourceIdentifier": "product-security@apple.com", "published": "2024-01-10T22:15:47.523", - "lastModified": "2024-01-11T13:57:35.163", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T17:51:14.667", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,68 @@ "value": "El problema se solucion\u00f3 mejorando el manejo de la memoria. Este problema se solucion\u00f3 en macOS Ventura 13. Es posible que una aplicaci\u00f3n pueda ejecutar c\u00f3digo arbitrario con privilegios del kernel." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "13.0", + "matchCriteriaId": "71E032AD-F827-4944-9699-BB1E6D4233FC" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213488", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-485xx/CVE-2022-48504.json b/CVE-2022/CVE-2022-485xx/CVE-2022-48504.json index 018ea9fae91..82de6c3fc15 100644 --- a/CVE-2022/CVE-2022-485xx/CVE-2022-48504.json +++ b/CVE-2022/CVE-2022-485xx/CVE-2022-48504.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48504", "sourceIdentifier": "product-security@apple.com", "published": "2024-01-10T22:15:47.563", - "lastModified": "2024-01-11T13:57:35.163", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T17:53:36.217", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,68 @@ "value": "El problema se solucion\u00f3 mejorando el manejo de los cach\u00e9s. Este problema se solucion\u00f3 en macOS Ventura 13. Es posible que una aplicaci\u00f3n pueda acceder a datos confidenciales del usuario." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "13.0", + "matchCriteriaId": "71E032AD-F827-4944-9699-BB1E6D4233FC" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213488", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-485xx/CVE-2022-48577.json b/CVE-2022/CVE-2022-485xx/CVE-2022-48577.json index 4820ac3acd1..a38784ee8bf 100644 --- a/CVE-2022/CVE-2022-485xx/CVE-2022-48577.json +++ b/CVE-2022/CVE-2022-485xx/CVE-2022-48577.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48577", "sourceIdentifier": "product-security@apple.com", "published": "2024-01-10T22:15:47.610", - "lastModified": "2024-01-11T13:57:35.163", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T17:59:46.343", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,68 @@ "value": "Se solucion\u00f3 un problema de acceso mejorando las restricciones de acceso. Este problema se solucion\u00f3 en macOS Ventura 13. Es posible que una aplicaci\u00f3n pueda acceder a datos confidenciales del usuario." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "13.0", + "matchCriteriaId": "71E032AD-F827-4944-9699-BB1E6D4233FC" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213488", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-202xx/CVE-2023-20257.json b/CVE-2023/CVE-2023-202xx/CVE-2023-20257.json new file mode 100644 index 00000000000..fdf0315a6a3 --- /dev/null +++ b/CVE-2023/CVE-2023-202xx/CVE-2023-20257.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-20257", + "sourceIdentifier": "ykramarz@cisco.com", + "published": "2024-01-17T17:15:09.960", + "lastModified": "2024-01-17T17:35:02.713", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct cross-site scripting attacks. This vulnerability is due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit this vulnerability by submitting malicious input containing script or HTML content within requests that would stored within the application interface. A successful exploit could allow the attacker to conduct cross-site scripting attacks against other users of the affected application." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ykramarz@cisco.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-wkZJeyeq", + "source": "ykramarz@cisco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-202xx/CVE-2023-20258.json b/CVE-2023/CVE-2023-202xx/CVE-2023-20258.json new file mode 100644 index 00000000000..45416724a38 --- /dev/null +++ b/CVE-2023/CVE-2023-202xx/CVE-2023-20258.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-20258", + "sourceIdentifier": "ykramarz@cisco.com", + "published": "2024-01-17T17:15:10.147", + "lastModified": "2024-01-17T17:35:02.713", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. This vulnerability is due to improper processing of serialized Java objects by the affected application. An attacker could exploit this vulnerability by uploading a document containing malicious serialized Java objects to be processed by the affected application. A successful exploit could allow the attacker to cause the application to execute arbitrary commands." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ykramarz@cisco.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.2 + } + ] + }, + "references": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-wkZJeyeq", + "source": "ykramarz@cisco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-202xx/CVE-2023-20260.json b/CVE-2023/CVE-2023-202xx/CVE-2023-20260.json new file mode 100644 index 00000000000..ce7e2715995 --- /dev/null +++ b/CVE-2023/CVE-2023-202xx/CVE-2023-20260.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-20260", + "sourceIdentifier": "ykramarz@cisco.com", + "published": "2024-01-17T17:15:10.323", + "lastModified": "2024-01-17T17:35:02.713", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in the application CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper processing of command line arguments to application scripts. An attacker could exploit this vulnerability by issuing a command on the CLI with malicious options. A successful exploit could allow the attacker to gain the escalated privileges of the root user on the underlying operating system." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ykramarz@cisco.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.0, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.2 + } + ] + }, + "references": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-wkZJeyeq", + "source": "ykramarz@cisco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-202xx/CVE-2023-20271.json b/CVE-2023/CVE-2023-202xx/CVE-2023-20271.json new file mode 100644 index 00000000000..8ea1921b098 --- /dev/null +++ b/CVE-2023/CVE-2023-202xx/CVE-2023-20271.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-20271", + "sourceIdentifier": "ykramarz@cisco.com", + "published": "2024-01-17T17:15:10.540", + "lastModified": "2024-01-17T17:35:02.713", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to improper validation of user-submitted parameters. An attacker could exploit this vulnerability by authenticating to the application and sending malicious requests to an affected system. A successful exploit could allow the attacker to obtain and modify sensitive information that is stored in the underlying database." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ykramarz@cisco.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-wkZJeyeq", + "source": "ykramarz@cisco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-238xx/CVE-2023-23882.json b/CVE-2023/CVE-2023-238xx/CVE-2023-23882.json new file mode 100644 index 00000000000..10ca09dd8f4 --- /dev/null +++ b/CVE-2023/CVE-2023-238xx/CVE-2023-23882.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-23882", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-01-17T17:15:10.720", + "lastModified": "2024-01-17T17:35:02.713", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder \u2013 Lite.This issue affects Ultimate Addons for Beaver Builder \u2013 Lite: from n/a through 1.5.5.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/ultimate-addons-for-beaver-builder-lite/wordpress-ultimate-addons-for-beaver-builder-lite-plugin-1-5-5-broken-access-control-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-238xx/CVE-2023-23896.json b/CVE-2023/CVE-2023-238xx/CVE-2023-23896.json new file mode 100644 index 00000000000..3b962a35b0a --- /dev/null +++ b/CVE-2023/CVE-2023-238xx/CVE-2023-23896.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-23896", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-01-17T17:15:10.913", + "lastModified": "2024-01-17T17:35:02.713", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in MyThemeShop URL Shortener by MyThemeShop.This issue affects URL Shortener by MyThemeShop: from n/a through 1.0.17.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/mts-url-shortener/wordpress-url-shortener-by-mythemeshop-plugin-1-0-16-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-343xx/CVE-2023-34379.json b/CVE-2023/CVE-2023-343xx/CVE-2023-34379.json index da7cd508107..0b0a551180f 100644 --- a/CVE-2023/CVE-2023-343xx/CVE-2023-34379.json +++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34379.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34379", "sourceIdentifier": "audit@patchstack.com", "published": "2024-01-17T16:15:46.427", - "lastModified": "2024-01-17T16:15:46.427", - "vulnStatus": "Received", + "lastModified": "2024-01-17T17:35:08.140", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-386xx/CVE-2023-38607.json b/CVE-2023/CVE-2023-386xx/CVE-2023-38607.json index 26ae21c0be9..765576b1681 100644 --- a/CVE-2023/CVE-2023-386xx/CVE-2023-38607.json +++ b/CVE-2023/CVE-2023-386xx/CVE-2023-38607.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38607", "sourceIdentifier": "product-security@apple.com", "published": "2024-01-10T22:15:48.310", - "lastModified": "2024-01-11T13:57:35.163", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T18:08:51.370", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,68 @@ "value": "El problema se solucion\u00f3 mejorando el manejo de los cach\u00e9s. Este problema se solucion\u00f3 en macOS Sonoma 14. Es posible que una aplicaci\u00f3n pueda modificar la configuraci\u00f3n de la impresora." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "14.0", + "matchCriteriaId": "7A5DD3D5-FB4F-4313-B873-DCED87FC4605" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213940", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40393.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40393.json index 1b80ac636bc..595ff969e40 100644 --- a/CVE-2023/CVE-2023-403xx/CVE-2023-40393.json +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40393.json @@ -2,8 +2,8 @@ "id": "CVE-2023-40393", "sourceIdentifier": "product-security@apple.com", "published": "2024-01-10T22:15:48.550", - "lastModified": "2024-01-11T13:57:35.163", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T18:30:39.897", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,68 @@ "value": "Se solucion\u00f3 un problema de autenticaci\u00f3n con una gesti\u00f3n de estado mejorada. Este problema se solucion\u00f3 en macOS Sonoma 14. Las fotos de Hidden Photos Album se pueden ver sin autenticaci\u00f3n." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-306" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "14.0", + "matchCriteriaId": "7A5DD3D5-FB4F-4313-B873-DCED87FC4605" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213940", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-404xx/CVE-2023-40433.json b/CVE-2023/CVE-2023-404xx/CVE-2023-40433.json index dd448215c1f..67213632774 100644 --- a/CVE-2023/CVE-2023-404xx/CVE-2023-40433.json +++ b/CVE-2023/CVE-2023-404xx/CVE-2023-40433.json @@ -2,8 +2,8 @@ "id": "CVE-2023-40433", "sourceIdentifier": "product-security@apple.com", "published": "2024-01-10T22:15:48.787", - "lastModified": "2024-01-11T13:57:35.163", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T18:52:03.727", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,68 @@ "value": "Se solucion\u00f3 un problema de l\u00f3gica con controles mejorados. Este problema se solucion\u00f3 en macOS Ventura 13.3. Una aplicaci\u00f3n puede omitir las comprobaciones de Gatekeeper." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "13.3", + "matchCriteriaId": "F58DAF22-8807-445A-AD05-8510829526CB" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-410xx/CVE-2023-41056.json b/CVE-2023/CVE-2023-410xx/CVE-2023-41056.json index 609e4019709..5fadb36d24c 100644 --- a/CVE-2023/CVE-2023-410xx/CVE-2023-41056.json +++ b/CVE-2023/CVE-2023-410xx/CVE-2023-41056.json @@ -2,16 +2,40 @@ "id": "CVE-2023-41056", "sourceIdentifier": "security-advisories@github.com", "published": "2024-01-10T16:15:46.557", - "lastModified": "2024-01-10T16:59:53.407", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T17:34:53.767", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Redis is an in-memory database that persists on disk. Redis incorrectly handles resizing of memory buffers which can result in integer overflow that leads to heap overflow and potential remote code execution. This issue has been patched in version 7.0.15 and 7.2.4." + }, + { + "lang": "es", + "value": "Redis es una base de datos en memoria que persiste en el disco. Redis maneja incorrectamente el cambio de tama\u00f1o de los b\u00faferes de memoria, lo que puede provocar un desbordamiento de enteros que provoca un desbordamiento del mont\u00f3n y una posible ejecuci\u00f3n remota de c\u00f3digo. Este problema se solucion\u00f3 en las versiones 7.0.15 y 7.2.4." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -50,18 +74,53 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.9", + "versionEndExcluding": "7.0.15", + "matchCriteriaId": "205F5134-0355-48E0-B2F4-7E14179654D3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.2.0", + "versionEndExcluding": "7.2.4", + "matchCriteriaId": "FE0E44DA-5BAD-4EB8-82D8-93BB2D7D9CDE" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/redis/redis/releases/tag/7.0.15", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/redis/redis/releases/tag/7.2.4", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/redis/redis/security/advisories/GHSA-xr47-pcmx-fq2m", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-428xx/CVE-2023-42865.json b/CVE-2023/CVE-2023-428xx/CVE-2023-42865.json index 5a01ce2baac..ace6f329841 100644 --- a/CVE-2023/CVE-2023-428xx/CVE-2023-42865.json +++ b/CVE-2023/CVE-2023-428xx/CVE-2023-42865.json @@ -2,8 +2,8 @@ "id": "CVE-2023-42865", "sourceIdentifier": "product-security@apple.com", "published": "2024-01-10T22:15:50.093", - "lastModified": "2024-01-11T13:57:26.160", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T18:13:22.973", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,23 +14,116 @@ "value": "Se solucion\u00f3 una lectura fuera de los l\u00edmites con una validaci\u00f3n de entrada mejorada. Este problema se solucion\u00f3 en macOS Ventura 13.3, tvOS 16.4, iOS 16.4 y iPadOS 16.4, watchOS 9.4. El procesamiento de una imagen puede resultar en la divulgaci\u00f3n de la memoria del proceso." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.4", + "matchCriteriaId": "EE68C5EC-5829-481D-BFF7-0A501018A3CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.4", + "matchCriteriaId": "F02C0CA5-8ABA-48C7-BCAE-5CF25435DF87" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "13.3", + "matchCriteriaId": "F58DAF22-8807-445A-AD05-8510829526CB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.4", + "matchCriteriaId": "B55C90FB-21A2-4066-9FFD-04ABA57E68F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "9.4", + "matchCriteriaId": "B5DA93B3-CA76-4932-84EE-40445A6505EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213674", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213676", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213678", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-428xx/CVE-2023-42869.json b/CVE-2023/CVE-2023-428xx/CVE-2023-42869.json index 92a07f5b54d..0f08132f2c5 100644 --- a/CVE-2023/CVE-2023-428xx/CVE-2023-42869.json +++ b/CVE-2023/CVE-2023-428xx/CVE-2023-42869.json @@ -2,8 +2,8 @@ "id": "CVE-2023-42869", "sourceIdentifier": "product-security@apple.com", "published": "2024-01-10T22:15:50.200", - "lastModified": "2024-01-11T13:57:26.160", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T18:19:52.457", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,15 +14,88 @@ "value": "Se abordaron m\u00faltiples problemas de corrupci\u00f3n de memoria con una validaci\u00f3n de entrada mejorada. Este problema se solucion\u00f3 en macOS Ventura 13.4, iOS 16.5 y iPadOS 16.5. M\u00faltiples problemas en libxml2." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.5", + "matchCriteriaId": "A4021D9E-B688-4FBC-B43A-D3C28FD38E67" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.5", + "matchCriteriaId": "CFA59B02-43A5-4865-8560-AA32D69E5C5E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "13.4", + "matchCriteriaId": "ADD1755A-5CD2-4EED-8C6C-4729FADFA3F5" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213757", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213758", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-467xx/CVE-2023-46712.json b/CVE-2023/CVE-2023-467xx/CVE-2023-46712.json index 4953ec8f4c7..928aa509098 100644 --- a/CVE-2023/CVE-2023-467xx/CVE-2023-46712.json +++ b/CVE-2023/CVE-2023-467xx/CVE-2023-46712.json @@ -2,8 +2,8 @@ "id": "CVE-2023-46712", "sourceIdentifier": "psirt@fortinet.com", "published": "2024-01-10T18:15:46.223", - "lastModified": "2024-01-11T13:57:35.163", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T18:25:21.613", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "psirt@fortinet.com", "type": "Secondary", @@ -50,10 +70,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fortinet:fortiportal:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndIncluding": "7.0.6", + "matchCriteriaId": "A94FF899-FAEF-4005-9B23-1F44A949AEEC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fortinet:fortiportal:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.2.0", + "versionEndIncluding": "7.2.1", + "matchCriteriaId": "EFB80359-3F7B-41FC-87EC-3EAF9A46642A" + } + ] + } + ] + } + ], "references": [ { "url": "https://fortiguard.com/psirt/FG-IR-23-395", - "source": "psirt@fortinet.com" + "source": "psirt@fortinet.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-487xx/CVE-2023-48783.json b/CVE-2023/CVE-2023-487xx/CVE-2023-48783.json index 13a319b89ee..24816d8e263 100644 --- a/CVE-2023/CVE-2023-487xx/CVE-2023-48783.json +++ b/CVE-2023/CVE-2023-487xx/CVE-2023-48783.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48783", "sourceIdentifier": "psirt@fortinet.com", "published": "2024-01-10T18:15:46.807", - "lastModified": "2024-01-11T13:57:35.163", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T18:24:38.617", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + }, { "source": "psirt@fortinet.com", "type": "Secondary", @@ -50,10 +70,53 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fortinet:fortiportal:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.3.0", + "versionEndIncluding": "5.3.8", + "matchCriteriaId": "44C143C2-D850-4768-94D0-55615D670A47" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fortinet:fortiportal:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.0.0", + "versionEndIncluding": "6.0.14", + "matchCriteriaId": "EBA19A35-E732-4B07-BE90-4B93B914D857" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fortinet:fortiportal:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.7", + "matchCriteriaId": "281311DE-FCED-4AB9-8D54-EBD0C8FE53B4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fortinet:fortiportal:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.2.0", + "versionEndExcluding": "7.2.2", + "matchCriteriaId": "CF4332EA-0FED-44AB-A395-E3D62B365012" + } + ] + } + ] + } + ], "references": [ { "url": "https://fortiguard.com/psirt/FG-IR-23-408", - "source": "psirt@fortinet.com" + "source": "psirt@fortinet.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-509xx/CVE-2023-50950.json b/CVE-2023/CVE-2023-509xx/CVE-2023-50950.json new file mode 100644 index 00000000000..2df584ba5f2 --- /dev/null +++ b/CVE-2023/CVE-2023-509xx/CVE-2023-50950.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-50950", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2024-01-17T17:15:11.143", + "lastModified": "2024-01-17T17:35:02.713", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "IBM QRadar SIEM 7.5 could disclose sensitive email information in responses from offense rules. IBM X-Force ID: 275709." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.7, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.2, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/275709", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/7108657", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-50xx/CVE-2023-5006.json b/CVE-2023/CVE-2023-50xx/CVE-2023-5006.json index 7990a94aa33..6341bff13e6 100644 --- a/CVE-2023/CVE-2023-50xx/CVE-2023-5006.json +++ b/CVE-2023/CVE-2023-50xx/CVE-2023-5006.json @@ -2,8 +2,8 @@ "id": "CVE-2023-5006", "sourceIdentifier": "contact@wpscan.com", "published": "2024-01-17T15:15:10.803", - "lastModified": "2024-01-17T15:15:10.803", - "vulnStatus": "Received", + "lastModified": "2024-01-17T17:35:08.140", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-50xx/CVE-2023-5041.json b/CVE-2023/CVE-2023-50xx/CVE-2023-5041.json index 00ec8019c76..eee3135623b 100644 --- a/CVE-2023/CVE-2023-50xx/CVE-2023-5041.json +++ b/CVE-2023/CVE-2023-50xx/CVE-2023-5041.json @@ -2,8 +2,8 @@ "id": "CVE-2023-5041", "sourceIdentifier": "contact@wpscan.com", "published": "2024-01-17T15:15:10.850", - "lastModified": "2024-01-17T15:15:10.850", - "vulnStatus": "Received", + "lastModified": "2024-01-17T17:35:08.140", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-511xx/CVE-2023-51123.json b/CVE-2023/CVE-2023-511xx/CVE-2023-51123.json index d4e928482b5..61a78e6f1c5 100644 --- a/CVE-2023/CVE-2023-511xx/CVE-2023-51123.json +++ b/CVE-2023/CVE-2023-511xx/CVE-2023-51123.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51123", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-10T22:15:50.823", - "lastModified": "2024-01-11T13:57:26.160", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T18:23:36.637", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,79 @@ "value": "Un problema descubierto en D-Link dir815 v.1.01SSb08.bin permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de una solicitud POST manipulada al par\u00e1metro service en la funci\u00f3n SOAPCGI_main del componente binario cgibin." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dlink:dir-815_firmware:1.01ssb08.bin:*:*:*:*:*:*:*", + "matchCriteriaId": "F1F21B82-9750-4DCB-BD12-B67DB5E09AA6" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dlink:dir-815:-:*:*:*:*:*:*:*", + "matchCriteriaId": "50618B63-304B-4A61-AA50-5154E8690E88" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/WhereisRain/dir-815", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-520xx/CVE-2023-52028.json b/CVE-2023/CVE-2023-520xx/CVE-2023-52028.json index 1823e7f8a6c..320ad9e7229 100644 --- a/CVE-2023/CVE-2023-520xx/CVE-2023-52028.json +++ b/CVE-2023/CVE-2023-520xx/CVE-2023-52028.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52028", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-11T09:15:47.300", - "lastModified": "2024-01-11T13:57:26.160", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T18:26:49.623", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,79 @@ "value": "Se descubri\u00f3 que TOTOlink A3700R v9.1.2u.5822_B20200513 contiene una vulnerabilidad de ejecuci\u00f3n remota de comandos (RCE) a trav\u00e9s de la funci\u00f3n setTracerouteCfg." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:totolink:a3700r_firmware:9.1.2u.5822_b20200513:*:*:*:*:*:*:*", + "matchCriteriaId": "C3F5D7B3-9362-4A1F-A53C-8B7DA8CAFAA0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:totolink:a3700r:-:*:*:*:*:*:*:*", + "matchCriteriaId": "05777EB4-0963-4317-AB0B-287A2140915D" + } + ] + } + ] + } + ], "references": [ { "url": "https://815yang.github.io/2023/12/04/a3700r/TOTOlink%20A3700R_setTracerouteCfg/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-520xx/CVE-2023-52029.json b/CVE-2023/CVE-2023-520xx/CVE-2023-52029.json index 5215687e9fd..50ebcc47356 100644 --- a/CVE-2023/CVE-2023-520xx/CVE-2023-52029.json +++ b/CVE-2023/CVE-2023-520xx/CVE-2023-52029.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52029", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-11T09:15:47.350", - "lastModified": "2024-01-11T13:57:26.160", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T18:26:18.677", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,79 @@ "value": "Se descubri\u00f3 que TOTOlink A3700R v9.1.2u.5822_B20200513 contiene una vulnerabilidad de ejecuci\u00f3n remota de comandos (RCE) a trav\u00e9s de la funci\u00f3n setDiagnosisCfg." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:totolink:a3700r_firmware:9.1.2u.5822_b20200513:*:*:*:*:*:*:*", + "matchCriteriaId": "C3F5D7B3-9362-4A1F-A53C-8B7DA8CAFAA0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:totolink:a3700r:-:*:*:*:*:*:*:*", + "matchCriteriaId": "05777EB4-0963-4317-AB0B-287A2140915D" + } + ] + } + ] + } + ], "references": [ { "url": "https://815yang.github.io/2023/12/04/a3700r/TOTOlink%20A3700R%28setDiagnosisCfg%29/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-520xx/CVE-2023-52030.json b/CVE-2023/CVE-2023-520xx/CVE-2023-52030.json index 6b5e48c58ea..d4521e06b27 100644 --- a/CVE-2023/CVE-2023-520xx/CVE-2023-52030.json +++ b/CVE-2023/CVE-2023-520xx/CVE-2023-52030.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52030", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-11T09:15:47.393", - "lastModified": "2024-01-11T13:57:26.160", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T18:25:43.917", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,79 @@ "value": "Se descubri\u00f3 que TOTOlink A3700R v9.1.2u.5822_B20200513 contiene una vulnerabilidad de ejecuci\u00f3n remota de comandos (RCE) a trav\u00e9s de la funci\u00f3n setOpModeCfg." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:totolink:a3700r_firmware:9.1.2u.5822_b20200513:*:*:*:*:*:*:*", + "matchCriteriaId": "C3F5D7B3-9362-4A1F-A53C-8B7DA8CAFAA0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:totolink:a3700r:-:*:*:*:*:*:*:*", + "matchCriteriaId": "05777EB4-0963-4317-AB0B-287A2140915D" + } + ] + } + ] + } + ], "references": [ { "url": "https://815yang.github.io/2023/12/04/a3700r/TOTOlink%20A3700R%28setOpModeCfg%29/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-520xx/CVE-2023-52031.json b/CVE-2023/CVE-2023-520xx/CVE-2023-52031.json index b0db9bbcab3..0f86df6aba0 100644 --- a/CVE-2023/CVE-2023-520xx/CVE-2023-52031.json +++ b/CVE-2023/CVE-2023-520xx/CVE-2023-52031.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52031", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-11T09:15:47.437", - "lastModified": "2024-01-11T13:57:26.160", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T18:24:45.007", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,79 @@ "value": "Se descubri\u00f3 que TOTOlink A3700R v9.1.2u.5822_B20200513 contiene una vulnerabilidad de ejecuci\u00f3n remota de comandos (RCE) a trav\u00e9s de la funci\u00f3n UploadFirmwareFile." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:totolink:a3700r_firmware:9.1.2u.5822_b20200513:*:*:*:*:*:*:*", + "matchCriteriaId": "C3F5D7B3-9362-4A1F-A53C-8B7DA8CAFAA0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:totolink:a3700r:-:*:*:*:*:*:*:*", + "matchCriteriaId": "05777EB4-0963-4317-AB0B-287A2140915D" + } + ] + } + ] + } + ], "references": [ { "url": "https://815yang.github.io/2023/12/04/a3700r/TOTOlink%20A3700R_UploadFirmwareFile/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-520xx/CVE-2023-52032.json b/CVE-2023/CVE-2023-520xx/CVE-2023-52032.json index 6c921399ab1..7f78d17a134 100644 --- a/CVE-2023/CVE-2023-520xx/CVE-2023-52032.json +++ b/CVE-2023/CVE-2023-520xx/CVE-2023-52032.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52032", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-11T09:15:47.483", - "lastModified": "2024-01-11T13:57:26.160", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T18:10:27.367", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,79 @@ "value": "Se descubri\u00f3 que TOTOlink EX1200T V4.1.2cu.5232_B20210713 contiene una vulnerabilidad de ejecuci\u00f3n remota de comandos (RCE) a trav\u00e9s de la funci\u00f3n \"principal\"." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:totolink:ex1200t_firmware:4.1.2cu.5232_b20210713:*:*:*:*:*:*:*", + "matchCriteriaId": "1DD36F94-8646-4794-8878-6F4BF1BF1153" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:totolink:ex1200t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F262644E-2558-423E-A19E-7C86A1756FBF" + } + ] + } + ] + } + ], "references": [ { "url": "https://815yang.github.io/2023/12/24/cve6/EX1200T_V4.1.2cu.5232_B20210713_downloadFlile/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-53xx/CVE-2023-5347.json b/CVE-2023/CVE-2023-53xx/CVE-2023-5347.json index 74f2f85100e..9f36dcc8e80 100644 --- a/CVE-2023/CVE-2023-53xx/CVE-2023-5347.json +++ b/CVE-2023/CVE-2023-53xx/CVE-2023-5347.json @@ -2,7 +2,7 @@ "id": "CVE-2023-5347", "sourceIdentifier": "office@cyberdanube.com", "published": "2024-01-09T10:15:22.523", - "lastModified": "2024-01-17T15:05:39.563", + "lastModified": "2024-01-17T17:50:09.620", "vulnStatus": "Analyzed", "descriptions": [ { @@ -90,8 +90,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet5310g_firmware:2.6:*:*:*:*:*:*:*", - "matchCriteriaId": "EE9A221B-49BE-4B94-A4BA-3837ACD2A38B" + "criteria": "cpe:2.3:o:korenix:jetnet_5310g_firmware:2.6:*:*:*:*:*:*:*", + "matchCriteriaId": "A95682DF-7942-49DA-9F81-EF1807045409" } ] }, @@ -117,8 +117,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet4508_firmware:2.3:*:*:*:*:*:*:*", - "matchCriteriaId": "2187DB56-9032-499E-AFEB-71D803C9958F" + "criteria": "cpe:2.3:o:korenix:jetnet_4508_firmware:2.3:*:*:*:*:*:*:*", + "matchCriteriaId": "E7F0FE3A-6460-46FD-BDC0-40BF2705637D" } ] }, @@ -128,8 +128,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet4508:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7176A484-A088-4C18-9672-1D97432B17DB" + "criteria": "cpe:2.3:h:korenix:jetnet_4508:-:*:*:*:*:*:*:*", + "matchCriteriaId": "99147D57-7780-4234-B55D-CC9AFBA481C9" } ] } @@ -144,8 +144,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet4508i-w_firmware:1.3:*:*:*:*:*:*:*", - "matchCriteriaId": "FE9137AD-E8FE-4993-A66E-631F5D7072EB" + "criteria": "cpe:2.3:o:korenix:jetnet_4508i-w_firmware:1.3:*:*:*:*:*:*:*", + "matchCriteriaId": "96C77E80-72C3-4662-A9CE-7C8CC126F1B6" } ] }, @@ -155,8 +155,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet4508i-w:-:*:*:*:*:*:*:*", - "matchCriteriaId": "965C9456-043B-4565-84A3-536FA6558F0C" + "criteria": "cpe:2.3:h:korenix:jetnet_4508i-w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8898260C-6D31-41BA-A2F2-A8975B5C7DEF" } ] } @@ -171,8 +171,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet4508-w_firmware:2.3:*:*:*:*:*:*:*", - "matchCriteriaId": "505A7DD4-7392-467C-9EA3-6083CB223194" + "criteria": "cpe:2.3:o:korenix:jetnet_4508-w_firmware:2.3:*:*:*:*:*:*:*", + "matchCriteriaId": "8E017D04-2392-483C-AC36-8AF8F061720B" } ] }, @@ -182,8 +182,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet4508-w:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A55997F3-A155-423C-90EC-46E462482D80" + "criteria": "cpe:2.3:h:korenix:jetnet_4508-w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DAC01082-D54E-4E35-A68C-3CF5A54F2816" } ] } @@ -198,8 +198,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet4508if-s_firmware:1.3:*:*:*:*:*:*:*", - "matchCriteriaId": "8E6B5C74-4FE8-45DD-9D45-E225E39CDCE6" + "criteria": "cpe:2.3:o:korenix:jetnet_4508if-s_firmware:1.3:*:*:*:*:*:*:*", + "matchCriteriaId": "7461886A-A4D4-4193-8366-5DBB3A78A355" } ] }, @@ -209,8 +209,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet4508if-s:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2ED235ED-4CEE-47C2-95AF-06017EE84C7B" + "criteria": "cpe:2.3:h:korenix:jetnet_4508if-s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5DAE70B6-7384-4909-8A07-3F786A51EF6B" } ] } @@ -225,8 +225,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet4508if-m_firmware:1.3:*:*:*:*:*:*:*", - "matchCriteriaId": "8C4BCE96-6A23-4573-BD05-0D66DE2FDAB2" + "criteria": "cpe:2.3:o:korenix:jetnet_4508if-m_firmware:1.3:*:*:*:*:*:*:*", + "matchCriteriaId": "01E97B8A-ABBB-4EE6-9F56-4766FAAA6CBD" } ] }, @@ -236,8 +236,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet4508if-m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98B225C9-995D-41BC-A242-40F9072DA173" + "criteria": "cpe:2.3:h:korenix:jetnet_4508if-m:-:*:*:*:*:*:*:*", + "matchCriteriaId": "044D5792-E5CE-4235-9148-C984AC0F1F6B" } ] } @@ -252,8 +252,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet4508if-sw_firmware:1.3:*:*:*:*:*:*:*", - "matchCriteriaId": "220A9305-2789-4ADE-A4A6-94322A93FBE1" + "criteria": "cpe:2.3:o:korenix:jetnet_4508if-sw_firmware:1.3:*:*:*:*:*:*:*", + "matchCriteriaId": "B4E5AC4C-E6E6-45A0-9E27-54ABC3D224F5" } ] }, @@ -263,8 +263,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet4508if-sw:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3BFE1BAC-2520-4356-AD31-4D3DEDB7214C" + "criteria": "cpe:2.3:h:korenix:jetnet_4508if-sw:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0EB3742F-CC0B-49E5-B29C-EF4E7D9A7D28" } ] } @@ -279,8 +279,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet4508if-mw_firmware:1.3:*:*:*:*:*:*:*", - "matchCriteriaId": "E5B3BE81-8972-4BE3-8476-C62FD102C0DF" + "criteria": "cpe:2.3:o:korenix:jetnet_4508if-mw_firmware:1.3:*:*:*:*:*:*:*", + "matchCriteriaId": "82EBBC44-1C71-406C-9FF0-39FB493C5931" } ] }, @@ -290,8 +290,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet4508if-mw:-:*:*:*:*:*:*:*", - "matchCriteriaId": "782964BE-2707-4F12-998C-781AFBBCB56A" + "criteria": "cpe:2.3:h:korenix:jetnet_4508if-mw:-:*:*:*:*:*:*:*", + "matchCriteriaId": "701A8011-7DA5-417F-B36F-ABED3914DED6" } ] } @@ -306,8 +306,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet4508f-m_firmware:2.3:*:*:*:*:*:*:*", - "matchCriteriaId": "8A574615-B429-43B4-830D-6469B80EACC1" + "criteria": "cpe:2.3:o:korenix:jetnet_4508f-m_firmware:2.3:*:*:*:*:*:*:*", + "matchCriteriaId": "7361627A-4F68-413D-8051-5C3318DD8F51" } ] }, @@ -317,8 +317,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet4508f-m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ADADF001-B51B-4B74-BDC9-6A3BE3410C6B" + "criteria": "cpe:2.3:h:korenix:jetnet_4508f-m:-:*:*:*:*:*:*:*", + "matchCriteriaId": "43A20FF6-2622-4FD4-939C-587B48DD8933" } ] } @@ -333,8 +333,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet4508f-s_firmware:2.3:*:*:*:*:*:*:*", - "matchCriteriaId": "2B79D36E-9182-4D57-952D-F15E51D53AF9" + "criteria": "cpe:2.3:o:korenix:jetnet_4508f-s_firmware:2.3:*:*:*:*:*:*:*", + "matchCriteriaId": "78B14120-454F-4D1D-A156-1506DD0C0037" } ] }, @@ -344,8 +344,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet4508f-s:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36382F0E-551C-4F07-B3F2-540493131876" + "criteria": "cpe:2.3:h:korenix:jetnet_4508f-s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4637E3CC-6474-419C-A78C-963C77AEFF51" } ] } @@ -360,8 +360,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet4508f-mw_firmware:2.3:*:*:*:*:*:*:*", - "matchCriteriaId": "D63B5678-53D8-4F7C-BAE6-D569A0E6E730" + "criteria": "cpe:2.3:o:korenix:jetnet_4508f-mw_firmware:2.3:*:*:*:*:*:*:*", + "matchCriteriaId": "A6F5BD0F-74C3-4032-A6CC-90A96EBAA14C" } ] }, @@ -371,8 +371,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet4508f-mw:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5D053D60-02FB-471C-AFDB-A5CCBC59344D" + "criteria": "cpe:2.3:h:korenix:jetnet_4508f-mw:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B7E5326F-3E4F-40EB-946F-A4D6EA71E9B5" } ] } @@ -387,8 +387,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet4508f-sw_firmware:2.3:*:*:*:*:*:*:*", - "matchCriteriaId": "24543454-44A3-4218-B011-BD58A6D2D560" + "criteria": "cpe:2.3:o:korenix:jetnet_4508f-sw_firmware:2.3:*:*:*:*:*:*:*", + "matchCriteriaId": "71C41FA7-2DD7-4788-9874-67ACCADDD456" } ] }, @@ -398,8 +398,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet4508f-sw:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8D328683-93E7-4D04-A79E-488E1F3CC98E" + "criteria": "cpe:2.3:h:korenix:jetnet_4508f-sw:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8EDFA438-A071-445B-86B9-44C22DB7664D" } ] } @@ -414,8 +414,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet5620g-4c_firmware:1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "3081AFA3-3F71-4B96-A38B-A70D36887ABB" + "criteria": "cpe:2.3:o:korenix:jetnet_5620g-4c_firmware:1.1:*:*:*:*:*:*:*", + "matchCriteriaId": "6D9FE392-DF90-4837-9B96-6CC3ADE539CF" } ] }, @@ -425,8 +425,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet5620g-4c:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DA0E4809-BF23-4AAD-8EEA-F000617E7795" + "criteria": "cpe:2.3:h:korenix:jetnet_5620g-4c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D9385192-A75A-428E-9A04-E443A69B2DF8" } ] } @@ -441,8 +441,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet5612gp-4f_firmware:1.2:*:*:*:*:*:*:*", - "matchCriteriaId": "128EF37D-3193-4711-9DD3-0F965A096C8A" + "criteria": "cpe:2.3:o:korenix:jetnet_5612gp-4f_firmware:1.2:*:*:*:*:*:*:*", + "matchCriteriaId": "64BD0899-AA5B-43DA-B741-BC74CF522989" } ] }, @@ -452,8 +452,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet5612gp-4f:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72A7AA85-0DBB-4030-AE67-5D65DFDF10EB" + "criteria": "cpe:2.3:h:korenix:jetnet_5612gp-4f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1097E748-4ACA-4D97-8000-A219D0771B2A" } ] } @@ -468,8 +468,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet5612g-4f_firmware:1.2:*:*:*:*:*:*:*", - "matchCriteriaId": "E125540D-0FCF-49AB-89DA-2B9AEDC54244" + "criteria": "cpe:2.3:o:korenix:jetnet_5612g-4f_firmware:1.2:*:*:*:*:*:*:*", + "matchCriteriaId": "03B76261-DAD3-43C9-AAB1-ED30C825A3AF" } ] }, @@ -479,8 +479,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet5612g-4f:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A41CDDB8-8D26-4CD2-B67A-297F98D313EF" + "criteria": "cpe:2.3:h:korenix:jetnet_5612g-4f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "46D7393F-8736-4BC7-A611-4E54D14F7893" } ] } @@ -495,8 +495,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet5728g-24p-ac-2dc-us_firmware:2.1:*:*:*:*:*:*:*", - "matchCriteriaId": "D50B0785-B895-4CF8-AEB9-6A028BE616DA" + "criteria": "cpe:2.3:o:korenix:jetnet_5728g-24p-ac-2dc-us_firmware:2.1:*:*:*:*:*:*:*", + "matchCriteriaId": "AEB3C066-DA69-4C69-ACD1-8AA325667B25" } ] }, @@ -506,8 +506,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet5728g-24p-ac-2dc-us:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2B20C7D-BA5D-440A-94AA-21C535879846" + "criteria": "cpe:2.3:h:korenix:jetnet_5728g-24p-ac-2dc-us:-:*:*:*:*:*:*:*", + "matchCriteriaId": "93F24671-F7E7-476E-92CD-CF0061682A6A" } ] } @@ -522,8 +522,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet5728g-24p-ac-2dc-eu_firmware:2.1:*:*:*:*:*:*:*", - "matchCriteriaId": "4664BA3D-EA4D-4A54-B845-9AA14C210F37" + "criteria": "cpe:2.3:o:korenix:jetnet_5728g-24p-ac-2dc-eu_firmware:2.1:*:*:*:*:*:*:*", + "matchCriteriaId": "E34410B0-C4D5-40B9-89A8-95782A55913E" } ] }, @@ -533,8 +533,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet5728g-24p-ac-2dc-eu:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33A8FEED-347A-48EB-8302-F45DA238265D" + "criteria": "cpe:2.3:h:korenix:jetnet_5728g-24p-ac-2dc-eu:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9145BCF4-E8A0-4561-B5D3-B79B8BDD8692" } ] } @@ -549,8 +549,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6528gf-2ac-eu_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "23DB6499-AE29-4304-8910-B288E8AD4F03" + "criteria": "cpe:2.3:o:korenix:jetnet_6528gf-2ac-eu_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "347A53EC-7C44-46C4-ABAF-CF7AD709B0AE" } ] }, @@ -560,8 +560,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6528gf-2ac-eu:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DF73BE9-DB3A-4CCD-8620-13B59E4BC0A5" + "criteria": "cpe:2.3:h:korenix:jetnet_6528gf-2ac-eu:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1189AAB8-CFB1-4542-A85D-717E793F67F0" } ] } @@ -576,8 +576,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6528gf-2ac-us_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "AF11F464-53FA-4667-ACC9-F460254845AD" + "criteria": "cpe:2.3:o:korenix:jetnet_6528gf-2ac-us_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "8C9D7474-2DC1-4698-8116-506E05A87E0A" } ] }, @@ -587,8 +587,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6528gf-2ac-us:-:*:*:*:*:*:*:*", - "matchCriteriaId": "511A9B03-5FC2-4AD6-B85D-96D1A7BA28EB" + "criteria": "cpe:2.3:h:korenix:jetnet_6528gf-2ac-us:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1B857CDA-1A39-454E-B16C-CE90CD1577B2" } ] } @@ -603,8 +603,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6528gf-2dc24_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "31477C04-BE34-40DF-85C8-2D0F5662842C" + "criteria": "cpe:2.3:o:korenix:jetnet_6528gf-2dc24_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "47FED1A9-830B-4F3D-92C7-5CAEF5F742C6" } ] }, @@ -614,8 +614,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6528gf-2dc24:-:*:*:*:*:*:*:*", - "matchCriteriaId": "48D8AFCB-AD72-4D00-B7BC-191526E94795" + "criteria": "cpe:2.3:h:korenix:jetnet_6528gf-2dc24:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EEAAB531-DB65-4C51-A2FC-9D7E6FBBCB23" } ] } @@ -630,8 +630,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6528gf-2dc48_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "1E76CC4D-9B3E-4319-B40A-E75CEA7000D6" + "criteria": "cpe:2.3:o:korenix:jetnet_6528gf-2dc48_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "13F06A64-36CA-4023-8217-1ECC065AFC13" } ] }, @@ -641,8 +641,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6528gf-2dc48:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6391AB0E-BE54-4D0A-ADA1-1DD64471F37C" + "criteria": "cpe:2.3:h:korenix:jetnet_6528gf-2dc48:-:*:*:*:*:*:*:*", + "matchCriteriaId": "165844C8-B773-49D1-AFFB-564EE4858127" } ] } @@ -657,8 +657,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6528gf-ac-eu_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "87043A8A-5A6C-4730-A3D9-57C30A9BD2FF" + "criteria": "cpe:2.3:o:korenix:jetnet_6528gf-ac-eu_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2DB9A900-9AC7-4A82-BEED-7002AD81AFDE" } ] }, @@ -668,8 +668,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6528gf-ac-eu:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE631AC7-6AE5-46F0-8303-1AA2D9A0D510" + "criteria": "cpe:2.3:h:korenix:jetnet_6528gf-ac-eu:-:*:*:*:*:*:*:*", + "matchCriteriaId": "69857D1C-BA45-4B3F-8F11-9D5636EDFF5D" } ] } @@ -684,8 +684,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6528gf-ac-us_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "ED42227E-CDE9-4784-A8E4-AD40B0F4498C" + "criteria": "cpe:2.3:o:korenix:jetnet_6528gf-ac-us_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "CE95314D-9AFC-40CB-B449-B195FF94605B" } ] }, @@ -695,8 +695,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6528gf-ac-us:-:*:*:*:*:*:*:*", - "matchCriteriaId": "870154EF-D3DB-4337-8905-A7888E06F787" + "criteria": "cpe:2.3:h:korenix:jetnet_6528gf-ac-us:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B483B168-203E-4905-9585-B7DDC735A76E" } ] } @@ -711,8 +711,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6628xp-4f-us_firmware:1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "C5FCBF5F-FB5B-4521-8641-01A439B42554" + "criteria": "cpe:2.3:o:korenix:jetnet_6628xp-4f-us_firmware:1.1:*:*:*:*:*:*:*", + "matchCriteriaId": "C890BEF3-785C-47F1-A65C-92518E4FAA2D" } ] }, @@ -722,8 +722,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6628xp-4f-us:-:*:*:*:*:*:*:*", - "matchCriteriaId": "73CC2FB7-D3A4-4154-8FE6-C574E9D65163" + "criteria": "cpe:2.3:h:korenix:jetnet_6628xp-4f-us:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3A1FA23F-3E4E-46E5-A0F8-B31895C1B5CC" } ] } @@ -738,8 +738,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6628x-4f-eu_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "E4B24BE6-6C7A-46F3-B020-79826444B8E8" + "criteria": "cpe:2.3:o:korenix:jetnet_6628x-4f-eu_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "70128CE4-FAF6-4564-BC3F-EFA813A01DD4" } ] }, @@ -749,8 +749,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6628x-4f-eu:-:*:*:*:*:*:*:*", - "matchCriteriaId": "711A5C6D-BD3F-4297-896B-D4C6193FF495" + "criteria": "cpe:2.3:h:korenix:jetnet_6628x-4f-eu:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DAC14B48-37CE-4385-A779-A553850A7B3C" } ] } @@ -765,8 +765,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6728g-24p-ac-2dc-us_firmware:1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "8EE4C4F8-CB14-47B9-9788-44491FDDA31D" + "criteria": "cpe:2.3:o:korenix:jetnet_6728g-24p-ac-2dc-us_firmware:1.1:*:*:*:*:*:*:*", + "matchCriteriaId": "22E4FFB2-CB4C-4088-A656-84B7F883DF6A" } ] }, @@ -776,8 +776,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6728g-24p-ac-2dc-us:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4E22EDFE-7E2D-4E66-AD86-BA84120D04B0" + "criteria": "cpe:2.3:h:korenix:jetnet_6728g-24p-ac-2dc-us:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9D865328-72DC-4802-A82D-DBF30B638583" } ] } @@ -792,8 +792,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6728g-24p-ac-2dc-eu_firmware:1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "EB39EAB6-D7E3-49CF-8221-C086AD7D7665" + "criteria": "cpe:2.3:o:korenix:jetnet_6728g-24p-ac-2dc-eu_firmware:1.1:*:*:*:*:*:*:*", + "matchCriteriaId": "3C837607-C6FF-40F2-AC88-6A9C48CB1029" } ] }, @@ -803,8 +803,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6728g-24p-ac-2dc-eu:-:*:*:*:*:*:*:*", - "matchCriteriaId": "444CE615-E6E9-4E3B-8D83-8AAC31F11AE9" + "criteria": "cpe:2.3:h:korenix:jetnet_6728g-24p-ac-2dc-eu:-:*:*:*:*:*:*:*", + "matchCriteriaId": "16305FB2-E46A-4DDA-9E85-64DAD64B35D4" } ] } @@ -819,8 +819,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6828gf-2dc48_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "71340F26-5B5C-45DE-A5C0-0EE6BBCF3E58" + "criteria": "cpe:2.3:o:korenix:jetnet_6828gf-2dc48_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "43816A78-45C6-4829-A4C4-72DA8E0E330C" } ] }, @@ -830,8 +830,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6828gf-2dc48:-:*:*:*:*:*:*:*", - "matchCriteriaId": "46C5A5D0-8A4C-42F8-A446-9296DD82D016" + "criteria": "cpe:2.3:h:korenix:jetnet_6828gf-2dc48:-:*:*:*:*:*:*:*", + "matchCriteriaId": "38E8437F-8F81-40D5-A4A2-D6D3D1E8DC7F" } ] } @@ -846,8 +846,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6828gf-2dc24_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "B4DB334C-8A0C-4BAA-BB2F-39DFA870F675" + "criteria": "cpe:2.3:o:korenix:jetnet_6828gf-2dc24_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "9B733CE0-84AC-4E80-9276-F129F41DF88E" } ] }, @@ -857,8 +857,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6828gf-2dc24:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A548EA71-D43D-444A-9A17-2FB019CCAB54" + "criteria": "cpe:2.3:h:korenix:jetnet_6828gf-2dc24:-:*:*:*:*:*:*:*", + "matchCriteriaId": "58C8D47C-A56B-43A2-9A85-4C5823A3B9A9" } ] } @@ -873,8 +873,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6828gf-ac-dc24-us_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "A289C72D-732F-4B71-AC89-AEBD27F81492" + "criteria": "cpe:2.3:o:korenix:jetnet_6828gf-ac-dc24-us_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "8E1ADD38-C9C3-42AE-AD9A-D20FE64F44D2" } ] }, @@ -884,8 +884,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6828gf-ac-dc24-us:-:*:*:*:*:*:*:*", - "matchCriteriaId": "648F7C4F-0F6E-41D0-8405-DB95F14E874B" + "criteria": "cpe:2.3:h:korenix:jetnet_6828gf-ac-dc24-us:-:*:*:*:*:*:*:*", + "matchCriteriaId": "51811483-40D1-40B9-82CB-015CEA7A8ACE" } ] } @@ -900,8 +900,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6828gf-2ac-us_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "9BE2E55E-2895-4AB0-97DF-CDFAAF55E7C5" + "criteria": "cpe:2.3:o:korenix:jetnet_6828gf-2ac-us_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "0BC888A2-32AC-4DB0-B073-FE8FE9A565CB" } ] }, @@ -911,8 +911,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6828gf-2ac-us:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58106DF8-A71C-4571-8E8B-CF8864C4C89E" + "criteria": "cpe:2.3:h:korenix:jetnet_6828gf-2ac-us:-:*:*:*:*:*:*:*", + "matchCriteriaId": "585BC55D-9ED9-4A22-AFED-9C199A89011F" } ] } @@ -927,8 +927,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6828gf-ac-us_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "089E69A3-B477-420A-B665-0C264CB33703" + "criteria": "cpe:2.3:o:korenix:jetnet_6828gf-ac-us_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "527AFFFB-0626-41AD-9CD8-0E34ECC4B4A8" } ] }, @@ -938,8 +938,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6828gf-ac-us:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B29F3C4E-2A95-408B-BE3F-0E8DA5C9B71B" + "criteria": "cpe:2.3:h:korenix:jetnet_6828gf-ac-us:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7AA11034-5A43-45C5-A48A-B9754A63AFBF" } ] } @@ -954,8 +954,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6828gf-2ac-au_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "2ADE14D8-796F-4E6D-9DAB-A93BEE5ECFEF" + "criteria": "cpe:2.3:o:korenix:jetnet_6828gf-2ac-au_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "A2B07B4D-6E13-4589-8ACA-ADF728EB4716" } ] }, @@ -965,8 +965,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6828gf-2ac-au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3BC3C88F-71E9-4CEB-94F2-490D972AFA67" + "criteria": "cpe:2.3:h:korenix:jetnet_6828gf-2ac-au:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C1523A9A-09E0-44E1-96E2-24FE49B7FDAA" } ] } @@ -981,8 +981,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6828gf-ac-dc24-eu_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "2A315472-9721-4652-B21F-FA1E8506584C" + "criteria": "cpe:2.3:o:korenix:jetnet_6828gf-ac-dc24-eu_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "69E718E1-864B-4B97-8A4C-242E449728A6" } ] }, @@ -992,8 +992,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6828gf-ac-dc24-eu:-:*:*:*:*:*:*:*", - "matchCriteriaId": "335308E4-31C3-4E90-B307-2AE076EE682F" + "criteria": "cpe:2.3:h:korenix:jetnet_6828gf-ac-dc24-eu:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3C64F5C7-7FC0-415A-8209-145DA3A296FA" } ] } @@ -1008,8 +1008,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6828gf-2ac-eu_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "D5E97906-9629-4776-8339-423C82D375FA" + "criteria": "cpe:2.3:o:korenix:jetnet_6828gf-2ac-eu_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "C26FCFA8-C978-4967-82CC-7CEBEC9014B8" } ] }, @@ -1019,8 +1019,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6828gf-2ac-eu:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28BF440A-4CB4-4F23-A198-F5B5312AE944" + "criteria": "cpe:2.3:h:korenix:jetnet_6828gf-2ac-eu:-:*:*:*:*:*:*:*", + "matchCriteriaId": "73431E6E-CAF5-4114-A2E8-BE9860558610" } ] } @@ -1035,8 +1035,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6910g-m12_hvdc_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "853C6DCB-DBBE-47E6-B318-0324E5739C92" + "criteria": "cpe:2.3:o:korenix:jetnet_6910g-m12_hvdc_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "65334CFA-6C17-461E-9137-976244486B42" } ] }, @@ -1046,8 +1046,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6910g-m12_hvdc:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E6817848-C8E4-4D10-A0B4-6016072CC4DB" + "criteria": "cpe:2.3:h:korenix:jetnet_6910g-m12_hvdc:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A1D90718-B60B-4950-9898-24E315D63F44" } ] } @@ -1062,8 +1062,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet7310g-v2_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "049C0B4F-651B-4245-BB81-16AAE135FC94" + "criteria": "cpe:2.3:o:korenix:jetnet_7310g-v2_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "BAC7EFE2-DE02-4012-955B-5078348B362C" } ] }, @@ -1073,8 +1073,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet7310g-v2:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FF040D6C-DE7F-4F6E-A13B-7DA987F6E4DF" + "criteria": "cpe:2.3:h:korenix:jetnet_7310g-v2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "53CE00D4-6846-4C28-83DD-13952831275E" } ] } @@ -1089,8 +1089,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet7628xp-4f-us_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "E2069D33-0BB9-4260-82F9-929FB90BB68C" + "criteria": "cpe:2.3:o:korenix:jetnet_7628xp-4f-us_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "C417B424-3504-4BFB-AFB9-B66C0AF38AD5" } ] }, @@ -1100,8 +1100,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet7628xp-4f-us:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C397929-6B19-42C1-A161-184639C6299A" + "criteria": "cpe:2.3:h:korenix:jetnet_7628xp-4f-us:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E629B201-717C-4D7C-A1DE-04E0820B7AA9" } ] } @@ -1116,8 +1116,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet7628xp-4f-us_firmware:1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "802DB1DE-5D36-4F08-B3A2-070B985D9360" + "criteria": "cpe:2.3:o:korenix:jetnet_7628xp-4f-us_firmware:1.1:*:*:*:*:*:*:*", + "matchCriteriaId": "7B817CA4-30DC-419D-AD84-3489CA0C68D8" } ] }, @@ -1127,8 +1127,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet7628xp-4f-us:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C397929-6B19-42C1-A161-184639C6299A" + "criteria": "cpe:2.3:h:korenix:jetnet_7628xp-4f-us:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E629B201-717C-4D7C-A1DE-04E0820B7AA9" } ] } @@ -1143,8 +1143,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet7628xp-4f-eu_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "80E0983A-62CB-47A6-8CB7-664B81F87E0B" + "criteria": "cpe:2.3:o:korenix:jetnet_7628xp-4f-eu_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "BE668B76-D528-4C4F-93CC-893479E2230C" } ] }, @@ -1154,8 +1154,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet7628xp-4f-eu:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50EB8AFE-42F2-453D-BBE4-75B3629CDF6B" + "criteria": "cpe:2.3:h:korenix:jetnet_7628xp-4f-eu:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6B566F22-B0BA-4259-B104-AFCEA5ECCA70" } ] } @@ -1170,8 +1170,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet7628xp-4f-eu_firmware:1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "D2497E2C-4AD1-486A-B4FC-8F1A7E12D149" + "criteria": "cpe:2.3:o:korenix:jetnet_7628xp-4f-eu_firmware:1.1:*:*:*:*:*:*:*", + "matchCriteriaId": "72B8862C-DA86-46DD-957A-7B88C6C42927" } ] }, @@ -1181,8 +1181,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet7628xp-4f-eu:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50EB8AFE-42F2-453D-BBE4-75B3629CDF6B" + "criteria": "cpe:2.3:h:korenix:jetnet_7628xp-4f-eu:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6B566F22-B0BA-4259-B104-AFCEA5ECCA70" } ] } @@ -1197,8 +1197,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet7628x-4f-us_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "2AB3AC94-D763-4CF7-9C3A-FE72D026FC1A" + "criteria": "cpe:2.3:o:korenix:jetnet_7628x-4f-us_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "C3563599-3CF7-46ED-8734-0A52BA052071" } ] }, @@ -1208,8 +1208,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet7628x-4f-us:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4724A817-C5F4-4AEA-8E8A-04429BCA3344" + "criteria": "cpe:2.3:h:korenix:jetnet_7628x-4f-us:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6C722303-26DB-44AD-BF0D-A7930C52A638" } ] } @@ -1224,8 +1224,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet7628x-4f-eu_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "75826EA2-A247-4981-80DB-1B0653C6C6C3" + "criteria": "cpe:2.3:o:korenix:jetnet_7628x-4f-eu_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "AB06B11C-154D-4B6A-8E8E-A12831F8211E" } ] }, @@ -1235,8 +1235,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet7628x-4f-eu:-:*:*:*:*:*:*:*", - "matchCriteriaId": "96E344A8-27FE-4E48-948B-2C345CC14883" + "criteria": "cpe:2.3:h:korenix:jetnet_7628x-4f-eu:-:*:*:*:*:*:*:*", + "matchCriteriaId": "41AF8048-A100-4BDB-B902-B80E70D89173" } ] } @@ -1251,8 +1251,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet7714g-m12_hvdc_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "DB5460B2-BB27-4FE2-B2EE-B86467DD8EEF" + "criteria": "cpe:2.3:o:korenix:jetnet_7714g-m12_hvdc_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "6624B567-4DF0-4A67-8C14-EB8E4BE1EEDA" } ] }, @@ -1262,8 +1262,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet7714g-m12_hvdc:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15EFEB55-14EF-444E-A854-0D6AD4E4AEB3" + "criteria": "cpe:2.3:h:korenix:jetnet_7714g-m12_hvdc:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B0492BC5-5B2C-4DF7-971C-679955DE83AC" } ] } @@ -1276,7 +1276,8 @@ "source": "office@cyberdanube.com", "tags": [ "Exploit", - "Third Party Advisory" + "Third Party Advisory", + "VDB Entry" ] }, { @@ -1284,6 +1285,7 @@ "source": "office@cyberdanube.com", "tags": [ "Exploit", + "Mailing List", "Third Party Advisory" ] }, diff --git a/CVE-2023/CVE-2023-53xx/CVE-2023-5376.json b/CVE-2023/CVE-2023-53xx/CVE-2023-5376.json index 8497aab042e..ccb58c2d8ac 100644 --- a/CVE-2023/CVE-2023-53xx/CVE-2023-5376.json +++ b/CVE-2023/CVE-2023-53xx/CVE-2023-5376.json @@ -2,8 +2,8 @@ "id": "CVE-2023-5376", "sourceIdentifier": "office@cyberdanube.com", "published": "2024-01-09T10:15:22.823", - "lastModified": "2024-01-17T15:05:39.563", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-01-17T17:46:40.297", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -90,8 +90,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet5310g_firmware:2.6:*:*:*:*:*:*:*", - "matchCriteriaId": "EE9A221B-49BE-4B94-A4BA-3837ACD2A38B" + "criteria": "cpe:2.3:o:korenix:jetnet_5310g_firmware:2.6:*:*:*:*:*:*:*", + "matchCriteriaId": "A95682DF-7942-49DA-9F81-EF1807045409" } ] }, @@ -117,8 +117,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet4508_firmware:2.3:*:*:*:*:*:*:*", - "matchCriteriaId": "2187DB56-9032-499E-AFEB-71D803C9958F" + "criteria": "cpe:2.3:o:korenix:jetnet_4508_firmware:2.3:*:*:*:*:*:*:*", + "matchCriteriaId": "E7F0FE3A-6460-46FD-BDC0-40BF2705637D" } ] }, @@ -128,8 +128,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet4508:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7176A484-A088-4C18-9672-1D97432B17DB" + "criteria": "cpe:2.3:h:korenix:jetnet_4508:-:*:*:*:*:*:*:*", + "matchCriteriaId": "99147D57-7780-4234-B55D-CC9AFBA481C9" } ] } @@ -144,8 +144,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet4508i-w_firmware:1.3:*:*:*:*:*:*:*", - "matchCriteriaId": "FE9137AD-E8FE-4993-A66E-631F5D7072EB" + "criteria": "cpe:2.3:o:korenix:jetnet_4508i-w_firmware:1.3:*:*:*:*:*:*:*", + "matchCriteriaId": "96C77E80-72C3-4662-A9CE-7C8CC126F1B6" } ] }, @@ -155,8 +155,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet4508i-w:-:*:*:*:*:*:*:*", - "matchCriteriaId": "965C9456-043B-4565-84A3-536FA6558F0C" + "criteria": "cpe:2.3:h:korenix:jetnet_4508i-w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8898260C-6D31-41BA-A2F2-A8975B5C7DEF" } ] } @@ -171,8 +171,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet4508-w_firmware:2.3:*:*:*:*:*:*:*", - "matchCriteriaId": "505A7DD4-7392-467C-9EA3-6083CB223194" + "criteria": "cpe:2.3:o:korenix:jetnet_4508-w_firmware:2.3:*:*:*:*:*:*:*", + "matchCriteriaId": "8E017D04-2392-483C-AC36-8AF8F061720B" } ] }, @@ -182,8 +182,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet4508-w:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A55997F3-A155-423C-90EC-46E462482D80" + "criteria": "cpe:2.3:h:korenix:jetnet_4508-w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DAC01082-D54E-4E35-A68C-3CF5A54F2816" } ] } @@ -198,8 +198,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet4508if-s_firmware:1.3:*:*:*:*:*:*:*", - "matchCriteriaId": "8E6B5C74-4FE8-45DD-9D45-E225E39CDCE6" + "criteria": "cpe:2.3:o:korenix:jetnet_4508if-s_firmware:1.3:*:*:*:*:*:*:*", + "matchCriteriaId": "7461886A-A4D4-4193-8366-5DBB3A78A355" } ] }, @@ -209,8 +209,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet4508if-s:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2ED235ED-4CEE-47C2-95AF-06017EE84C7B" + "criteria": "cpe:2.3:h:korenix:jetnet_4508if-s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5DAE70B6-7384-4909-8A07-3F786A51EF6B" } ] } @@ -225,8 +225,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet4508if-m_firmware:1.3:*:*:*:*:*:*:*", - "matchCriteriaId": "8C4BCE96-6A23-4573-BD05-0D66DE2FDAB2" + "criteria": "cpe:2.3:o:korenix:jetnet_4508if-m_firmware:1.3:*:*:*:*:*:*:*", + "matchCriteriaId": "01E97B8A-ABBB-4EE6-9F56-4766FAAA6CBD" } ] }, @@ -236,8 +236,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet4508if-m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98B225C9-995D-41BC-A242-40F9072DA173" + "criteria": "cpe:2.3:h:korenix:jetnet_4508if-m:-:*:*:*:*:*:*:*", + "matchCriteriaId": "044D5792-E5CE-4235-9148-C984AC0F1F6B" } ] } @@ -252,8 +252,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet4508if-sw_firmware:1.3:*:*:*:*:*:*:*", - "matchCriteriaId": "220A9305-2789-4ADE-A4A6-94322A93FBE1" + "criteria": "cpe:2.3:o:korenix:jetnet_4508if-sw_firmware:1.3:*:*:*:*:*:*:*", + "matchCriteriaId": "B4E5AC4C-E6E6-45A0-9E27-54ABC3D224F5" } ] }, @@ -263,8 +263,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet4508if-sw:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3BFE1BAC-2520-4356-AD31-4D3DEDB7214C" + "criteria": "cpe:2.3:h:korenix:jetnet_4508if-sw:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0EB3742F-CC0B-49E5-B29C-EF4E7D9A7D28" } ] } @@ -279,8 +279,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet4508if-mw_firmware:1.3:*:*:*:*:*:*:*", - "matchCriteriaId": "E5B3BE81-8972-4BE3-8476-C62FD102C0DF" + "criteria": "cpe:2.3:o:korenix:jetnet_4508if-mw_firmware:1.3:*:*:*:*:*:*:*", + "matchCriteriaId": "82EBBC44-1C71-406C-9FF0-39FB493C5931" } ] }, @@ -290,8 +290,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet4508if-mw:-:*:*:*:*:*:*:*", - "matchCriteriaId": "782964BE-2707-4F12-998C-781AFBBCB56A" + "criteria": "cpe:2.3:h:korenix:jetnet_4508if-mw:-:*:*:*:*:*:*:*", + "matchCriteriaId": "701A8011-7DA5-417F-B36F-ABED3914DED6" } ] } @@ -306,8 +306,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet4508f-m_firmware:2.3:*:*:*:*:*:*:*", - "matchCriteriaId": "8A574615-B429-43B4-830D-6469B80EACC1" + "criteria": "cpe:2.3:o:korenix:jetnet_4508f-m_firmware:2.3:*:*:*:*:*:*:*", + "matchCriteriaId": "7361627A-4F68-413D-8051-5C3318DD8F51" } ] }, @@ -317,8 +317,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet4508f-m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ADADF001-B51B-4B74-BDC9-6A3BE3410C6B" + "criteria": "cpe:2.3:h:korenix:jetnet_4508f-m:-:*:*:*:*:*:*:*", + "matchCriteriaId": "43A20FF6-2622-4FD4-939C-587B48DD8933" } ] } @@ -333,8 +333,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet4508f-s_firmware:2.3:*:*:*:*:*:*:*", - "matchCriteriaId": "2B79D36E-9182-4D57-952D-F15E51D53AF9" + "criteria": "cpe:2.3:o:korenix:jetnet_4508f-s_firmware:2.3:*:*:*:*:*:*:*", + "matchCriteriaId": "78B14120-454F-4D1D-A156-1506DD0C0037" } ] }, @@ -344,8 +344,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet4508f-s:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36382F0E-551C-4F07-B3F2-540493131876" + "criteria": "cpe:2.3:h:korenix:jetnet_4508f-s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4637E3CC-6474-419C-A78C-963C77AEFF51" } ] } @@ -360,8 +360,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet4508f-mw_firmware:2.3:*:*:*:*:*:*:*", - "matchCriteriaId": "D63B5678-53D8-4F7C-BAE6-D569A0E6E730" + "criteria": "cpe:2.3:o:korenix:jetnet_4508f-mw_firmware:2.3:*:*:*:*:*:*:*", + "matchCriteriaId": "A6F5BD0F-74C3-4032-A6CC-90A96EBAA14C" } ] }, @@ -371,8 +371,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet4508f-mw:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5D053D60-02FB-471C-AFDB-A5CCBC59344D" + "criteria": "cpe:2.3:h:korenix:jetnet_4508f-mw:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B7E5326F-3E4F-40EB-946F-A4D6EA71E9B5" } ] } @@ -387,8 +387,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet4508f-sw_firmware:2.3:*:*:*:*:*:*:*", - "matchCriteriaId": "24543454-44A3-4218-B011-BD58A6D2D560" + "criteria": "cpe:2.3:o:korenix:jetnet_4508f-sw_firmware:2.3:*:*:*:*:*:*:*", + "matchCriteriaId": "71C41FA7-2DD7-4788-9874-67ACCADDD456" } ] }, @@ -398,8 +398,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet4508f-sw:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8D328683-93E7-4D04-A79E-488E1F3CC98E" + "criteria": "cpe:2.3:h:korenix:jetnet_4508f-sw:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8EDFA438-A071-445B-86B9-44C22DB7664D" } ] } @@ -414,8 +414,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet5620g-4c_firmware:1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "3081AFA3-3F71-4B96-A38B-A70D36887ABB" + "criteria": "cpe:2.3:o:korenix:jetnet_5620g-4c_firmware:1.1:*:*:*:*:*:*:*", + "matchCriteriaId": "6D9FE392-DF90-4837-9B96-6CC3ADE539CF" } ] }, @@ -425,8 +425,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet5620g-4c:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DA0E4809-BF23-4AAD-8EEA-F000617E7795" + "criteria": "cpe:2.3:h:korenix:jetnet_5620g-4c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D9385192-A75A-428E-9A04-E443A69B2DF8" } ] } @@ -441,8 +441,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet5612gp-4f_firmware:1.2:*:*:*:*:*:*:*", - "matchCriteriaId": "128EF37D-3193-4711-9DD3-0F965A096C8A" + "criteria": "cpe:2.3:o:korenix:jetnet_5612gp-4f_firmware:1.2:*:*:*:*:*:*:*", + "matchCriteriaId": "64BD0899-AA5B-43DA-B741-BC74CF522989" } ] }, @@ -452,8 +452,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet5612gp-4f:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72A7AA85-0DBB-4030-AE67-5D65DFDF10EB" + "criteria": "cpe:2.3:h:korenix:jetnet_5612gp-4f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1097E748-4ACA-4D97-8000-A219D0771B2A" } ] } @@ -468,8 +468,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet5612g-4f_firmware:1.2:*:*:*:*:*:*:*", - "matchCriteriaId": "E125540D-0FCF-49AB-89DA-2B9AEDC54244" + "criteria": "cpe:2.3:o:korenix:jetnet_5612g-4f_firmware:1.2:*:*:*:*:*:*:*", + "matchCriteriaId": "03B76261-DAD3-43C9-AAB1-ED30C825A3AF" } ] }, @@ -479,8 +479,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet5612g-4f:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A41CDDB8-8D26-4CD2-B67A-297F98D313EF" + "criteria": "cpe:2.3:h:korenix:jetnet_5612g-4f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "46D7393F-8736-4BC7-A611-4E54D14F7893" } ] } @@ -495,8 +495,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet5728g-24p-ac-2dc-us_firmware:2.1:*:*:*:*:*:*:*", - "matchCriteriaId": "D50B0785-B895-4CF8-AEB9-6A028BE616DA" + "criteria": "cpe:2.3:o:korenix:jetnet_5728g-24p-ac-2dc-us_firmware:2.1:*:*:*:*:*:*:*", + "matchCriteriaId": "AEB3C066-DA69-4C69-ACD1-8AA325667B25" } ] }, @@ -506,8 +506,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet5728g-24p-ac-2dc-us:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2B20C7D-BA5D-440A-94AA-21C535879846" + "criteria": "cpe:2.3:h:korenix:jetnet_5728g-24p-ac-2dc-us:-:*:*:*:*:*:*:*", + "matchCriteriaId": "93F24671-F7E7-476E-92CD-CF0061682A6A" } ] } @@ -522,8 +522,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet5728g-24p-ac-2dc-eu_firmware:2.1:*:*:*:*:*:*:*", - "matchCriteriaId": "4664BA3D-EA4D-4A54-B845-9AA14C210F37" + "criteria": "cpe:2.3:o:korenix:jetnet_5728g-24p-ac-2dc-eu_firmware:2.1:*:*:*:*:*:*:*", + "matchCriteriaId": "E34410B0-C4D5-40B9-89A8-95782A55913E" } ] }, @@ -533,8 +533,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet5728g-24p-ac-2dc-eu:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33A8FEED-347A-48EB-8302-F45DA238265D" + "criteria": "cpe:2.3:h:korenix:jetnet_5728g-24p-ac-2dc-eu:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9145BCF4-E8A0-4561-B5D3-B79B8BDD8692" } ] } @@ -549,8 +549,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6528gf-2ac-eu_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "23DB6499-AE29-4304-8910-B288E8AD4F03" + "criteria": "cpe:2.3:o:korenix:jetnet_6528gf-2ac-eu_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "347A53EC-7C44-46C4-ABAF-CF7AD709B0AE" } ] }, @@ -560,8 +560,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6528gf-2ac-eu:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DF73BE9-DB3A-4CCD-8620-13B59E4BC0A5" + "criteria": "cpe:2.3:h:korenix:jetnet_6528gf-2ac-eu:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1189AAB8-CFB1-4542-A85D-717E793F67F0" } ] } @@ -576,8 +576,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6528gf-2ac-us_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "AF11F464-53FA-4667-ACC9-F460254845AD" + "criteria": "cpe:2.3:o:korenix:jetnet_6528gf-2ac-us_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "8C9D7474-2DC1-4698-8116-506E05A87E0A" } ] }, @@ -587,8 +587,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6528gf-2ac-us:-:*:*:*:*:*:*:*", - "matchCriteriaId": "511A9B03-5FC2-4AD6-B85D-96D1A7BA28EB" + "criteria": "cpe:2.3:h:korenix:jetnet_6528gf-2ac-us:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1B857CDA-1A39-454E-B16C-CE90CD1577B2" } ] } @@ -603,8 +603,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6528gf-2dc24_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "31477C04-BE34-40DF-85C8-2D0F5662842C" + "criteria": "cpe:2.3:o:korenix:jetnet_6528gf-2dc24_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "47FED1A9-830B-4F3D-92C7-5CAEF5F742C6" } ] }, @@ -614,8 +614,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6528gf-2dc24:-:*:*:*:*:*:*:*", - "matchCriteriaId": "48D8AFCB-AD72-4D00-B7BC-191526E94795" + "criteria": "cpe:2.3:h:korenix:jetnet_6528gf-2dc24:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EEAAB531-DB65-4C51-A2FC-9D7E6FBBCB23" } ] } @@ -630,8 +630,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6528gf-2dc48_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "1E76CC4D-9B3E-4319-B40A-E75CEA7000D6" + "criteria": "cpe:2.3:o:korenix:jetnet_6528gf-2dc48_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "13F06A64-36CA-4023-8217-1ECC065AFC13" } ] }, @@ -641,8 +641,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6528gf-2dc48:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6391AB0E-BE54-4D0A-ADA1-1DD64471F37C" + "criteria": "cpe:2.3:h:korenix:jetnet_6528gf-2dc48:-:*:*:*:*:*:*:*", + "matchCriteriaId": "165844C8-B773-49D1-AFFB-564EE4858127" } ] } @@ -657,8 +657,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6528gf-ac-eu_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "87043A8A-5A6C-4730-A3D9-57C30A9BD2FF" + "criteria": "cpe:2.3:o:korenix:jetnet_6528gf-ac-eu_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2DB9A900-9AC7-4A82-BEED-7002AD81AFDE" } ] }, @@ -668,8 +668,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6528gf-ac-eu:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE631AC7-6AE5-46F0-8303-1AA2D9A0D510" + "criteria": "cpe:2.3:h:korenix:jetnet_6528gf-ac-eu:-:*:*:*:*:*:*:*", + "matchCriteriaId": "69857D1C-BA45-4B3F-8F11-9D5636EDFF5D" } ] } @@ -684,8 +684,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6528gf-ac-us_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "ED42227E-CDE9-4784-A8E4-AD40B0F4498C" + "criteria": "cpe:2.3:o:korenix:jetnet_6528gf-ac-us_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "CE95314D-9AFC-40CB-B449-B195FF94605B" } ] }, @@ -695,8 +695,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6528gf-ac-us:-:*:*:*:*:*:*:*", - "matchCriteriaId": "870154EF-D3DB-4337-8905-A7888E06F787" + "criteria": "cpe:2.3:h:korenix:jetnet_6528gf-ac-us:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B483B168-203E-4905-9585-B7DDC735A76E" } ] } @@ -711,8 +711,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6628xp-4f-us_firmware:1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "C5FCBF5F-FB5B-4521-8641-01A439B42554" + "criteria": "cpe:2.3:o:korenix:jetnet_6628xp-4f-us_firmware:1.1:*:*:*:*:*:*:*", + "matchCriteriaId": "C890BEF3-785C-47F1-A65C-92518E4FAA2D" } ] }, @@ -722,8 +722,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6628xp-4f-us:-:*:*:*:*:*:*:*", - "matchCriteriaId": "73CC2FB7-D3A4-4154-8FE6-C574E9D65163" + "criteria": "cpe:2.3:h:korenix:jetnet_6628xp-4f-us:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3A1FA23F-3E4E-46E5-A0F8-B31895C1B5CC" } ] } @@ -738,8 +738,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6628x-4f-eu_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "E4B24BE6-6C7A-46F3-B020-79826444B8E8" + "criteria": "cpe:2.3:o:korenix:jetnet_6628x-4f-eu_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "70128CE4-FAF6-4564-BC3F-EFA813A01DD4" } ] }, @@ -749,8 +749,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6628x-4f-eu:-:*:*:*:*:*:*:*", - "matchCriteriaId": "711A5C6D-BD3F-4297-896B-D4C6193FF495" + "criteria": "cpe:2.3:h:korenix:jetnet_6628x-4f-eu:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DAC14B48-37CE-4385-A779-A553850A7B3C" } ] } @@ -765,8 +765,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6728g-24p-ac-2dc-us_firmware:1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "8EE4C4F8-CB14-47B9-9788-44491FDDA31D" + "criteria": "cpe:2.3:o:korenix:jetnet_6728g-24p-ac-2dc-us_firmware:1.1:*:*:*:*:*:*:*", + "matchCriteriaId": "22E4FFB2-CB4C-4088-A656-84B7F883DF6A" } ] }, @@ -776,8 +776,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6728g-24p-ac-2dc-us:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4E22EDFE-7E2D-4E66-AD86-BA84120D04B0" + "criteria": "cpe:2.3:h:korenix:jetnet_6728g-24p-ac-2dc-us:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9D865328-72DC-4802-A82D-DBF30B638583" } ] } @@ -792,8 +792,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6728g-24p-ac-2dc-eu_firmware:1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "EB39EAB6-D7E3-49CF-8221-C086AD7D7665" + "criteria": "cpe:2.3:o:korenix:jetnet_6728g-24p-ac-2dc-eu_firmware:1.1:*:*:*:*:*:*:*", + "matchCriteriaId": "3C837607-C6FF-40F2-AC88-6A9C48CB1029" } ] }, @@ -803,8 +803,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6728g-24p-ac-2dc-eu:-:*:*:*:*:*:*:*", - "matchCriteriaId": "444CE615-E6E9-4E3B-8D83-8AAC31F11AE9" + "criteria": "cpe:2.3:h:korenix:jetnet_6728g-24p-ac-2dc-eu:-:*:*:*:*:*:*:*", + "matchCriteriaId": "16305FB2-E46A-4DDA-9E85-64DAD64B35D4" } ] } @@ -819,8 +819,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6828gf-2dc48_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "71340F26-5B5C-45DE-A5C0-0EE6BBCF3E58" + "criteria": "cpe:2.3:o:korenix:jetnet_6828gf-2dc48_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "43816A78-45C6-4829-A4C4-72DA8E0E330C" } ] }, @@ -830,8 +830,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6828gf-2dc48:-:*:*:*:*:*:*:*", - "matchCriteriaId": "46C5A5D0-8A4C-42F8-A446-9296DD82D016" + "criteria": "cpe:2.3:h:korenix:jetnet_6828gf-2dc48:-:*:*:*:*:*:*:*", + "matchCriteriaId": "38E8437F-8F81-40D5-A4A2-D6D3D1E8DC7F" } ] } @@ -846,8 +846,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6828gf-2dc24_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "B4DB334C-8A0C-4BAA-BB2F-39DFA870F675" + "criteria": "cpe:2.3:o:korenix:jetnet_6828gf-2dc24_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "9B733CE0-84AC-4E80-9276-F129F41DF88E" } ] }, @@ -857,8 +857,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6828gf-2dc24:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A548EA71-D43D-444A-9A17-2FB019CCAB54" + "criteria": "cpe:2.3:h:korenix:jetnet_6828gf-2dc24:-:*:*:*:*:*:*:*", + "matchCriteriaId": "58C8D47C-A56B-43A2-9A85-4C5823A3B9A9" } ] } @@ -873,8 +873,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6828gf-ac-dc24-us_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "A289C72D-732F-4B71-AC89-AEBD27F81492" + "criteria": "cpe:2.3:o:korenix:jetnet_6828gf-ac-dc24-us_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "8E1ADD38-C9C3-42AE-AD9A-D20FE64F44D2" } ] }, @@ -884,8 +884,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6828gf-ac-dc24-us:-:*:*:*:*:*:*:*", - "matchCriteriaId": "648F7C4F-0F6E-41D0-8405-DB95F14E874B" + "criteria": "cpe:2.3:h:korenix:jetnet_6828gf-ac-dc24-us:-:*:*:*:*:*:*:*", + "matchCriteriaId": "51811483-40D1-40B9-82CB-015CEA7A8ACE" } ] } @@ -900,8 +900,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6828gf-2ac-us_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "9BE2E55E-2895-4AB0-97DF-CDFAAF55E7C5" + "criteria": "cpe:2.3:o:korenix:jetnet_6828gf-2ac-us_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "0BC888A2-32AC-4DB0-B073-FE8FE9A565CB" } ] }, @@ -911,8 +911,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6828gf-2ac-us:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58106DF8-A71C-4571-8E8B-CF8864C4C89E" + "criteria": "cpe:2.3:h:korenix:jetnet_6828gf-2ac-us:-:*:*:*:*:*:*:*", + "matchCriteriaId": "585BC55D-9ED9-4A22-AFED-9C199A89011F" } ] } @@ -927,8 +927,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6828gf-ac-us_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "089E69A3-B477-420A-B665-0C264CB33703" + "criteria": "cpe:2.3:o:korenix:jetnet_6828gf-ac-us_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "527AFFFB-0626-41AD-9CD8-0E34ECC4B4A8" } ] }, @@ -938,8 +938,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6828gf-ac-us:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B29F3C4E-2A95-408B-BE3F-0E8DA5C9B71B" + "criteria": "cpe:2.3:h:korenix:jetnet_6828gf-ac-us:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7AA11034-5A43-45C5-A48A-B9754A63AFBF" } ] } @@ -954,8 +954,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6828gf-2ac-au_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "2ADE14D8-796F-4E6D-9DAB-A93BEE5ECFEF" + "criteria": "cpe:2.3:o:korenix:jetnet_6828gf-2ac-au_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "A2B07B4D-6E13-4589-8ACA-ADF728EB4716" } ] }, @@ -965,8 +965,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6828gf-2ac-au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3BC3C88F-71E9-4CEB-94F2-490D972AFA67" + "criteria": "cpe:2.3:h:korenix:jetnet_6828gf-2ac-au:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C1523A9A-09E0-44E1-96E2-24FE49B7FDAA" } ] } @@ -981,8 +981,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6828gf-ac-dc24-eu_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "2A315472-9721-4652-B21F-FA1E8506584C" + "criteria": "cpe:2.3:o:korenix:jetnet_6828gf-ac-dc24-eu_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "69E718E1-864B-4B97-8A4C-242E449728A6" } ] }, @@ -992,8 +992,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6828gf-ac-dc24-eu:-:*:*:*:*:*:*:*", - "matchCriteriaId": "335308E4-31C3-4E90-B307-2AE076EE682F" + "criteria": "cpe:2.3:h:korenix:jetnet_6828gf-ac-dc24-eu:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3C64F5C7-7FC0-415A-8209-145DA3A296FA" } ] } @@ -1008,8 +1008,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6828gf-2ac-eu_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "D5E97906-9629-4776-8339-423C82D375FA" + "criteria": "cpe:2.3:o:korenix:jetnet_6828gf-2ac-eu_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "C26FCFA8-C978-4967-82CC-7CEBEC9014B8" } ] }, @@ -1019,8 +1019,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6828gf-2ac-eu:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28BF440A-4CB4-4F23-A198-F5B5312AE944" + "criteria": "cpe:2.3:h:korenix:jetnet_6828gf-2ac-eu:-:*:*:*:*:*:*:*", + "matchCriteriaId": "73431E6E-CAF5-4114-A2E8-BE9860558610" } ] } @@ -1035,8 +1035,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet6910g-m12_hvdc_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "853C6DCB-DBBE-47E6-B318-0324E5739C92" + "criteria": "cpe:2.3:o:korenix:jetnet_6910g-m12_hvdc_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "65334CFA-6C17-461E-9137-976244486B42" } ] }, @@ -1046,8 +1046,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet6910g-m12_hvdc:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E6817848-C8E4-4D10-A0B4-6016072CC4DB" + "criteria": "cpe:2.3:h:korenix:jetnet_6910g-m12_hvdc:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A1D90718-B60B-4950-9898-24E315D63F44" } ] } @@ -1062,8 +1062,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet7310g-v2_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "049C0B4F-651B-4245-BB81-16AAE135FC94" + "criteria": "cpe:2.3:o:korenix:jetnet_7310g-v2_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "BAC7EFE2-DE02-4012-955B-5078348B362C" } ] }, @@ -1073,8 +1073,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet7310g-v2:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FF040D6C-DE7F-4F6E-A13B-7DA987F6E4DF" + "criteria": "cpe:2.3:h:korenix:jetnet_7310g-v2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "53CE00D4-6846-4C28-83DD-13952831275E" } ] } @@ -1089,8 +1089,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet7628xp-4f-us_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "E2069D33-0BB9-4260-82F9-929FB90BB68C" + "criteria": "cpe:2.3:o:korenix:jetnet_7628xp-4f-us_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "C417B424-3504-4BFB-AFB9-B66C0AF38AD5" } ] }, @@ -1100,8 +1100,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet7628xp-4f-us:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C397929-6B19-42C1-A161-184639C6299A" + "criteria": "cpe:2.3:h:korenix:jetnet_7628xp-4f-us:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E629B201-717C-4D7C-A1DE-04E0820B7AA9" } ] } @@ -1116,8 +1116,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet7628xp-4f-us_firmware:1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "802DB1DE-5D36-4F08-B3A2-070B985D9360" + "criteria": "cpe:2.3:o:korenix:jetnet_7628xp-4f-us_firmware:1.1:*:*:*:*:*:*:*", + "matchCriteriaId": "7B817CA4-30DC-419D-AD84-3489CA0C68D8" } ] }, @@ -1127,8 +1127,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet7628xp-4f-us:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C397929-6B19-42C1-A161-184639C6299A" + "criteria": "cpe:2.3:h:korenix:jetnet_7628xp-4f-us:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E629B201-717C-4D7C-A1DE-04E0820B7AA9" } ] } @@ -1143,8 +1143,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet7628xp-4f-eu_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "80E0983A-62CB-47A6-8CB7-664B81F87E0B" + "criteria": "cpe:2.3:o:korenix:jetnet_7628xp-4f-eu_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "BE668B76-D528-4C4F-93CC-893479E2230C" } ] }, @@ -1154,8 +1154,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet7628xp-4f-eu:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50EB8AFE-42F2-453D-BBE4-75B3629CDF6B" + "criteria": "cpe:2.3:h:korenix:jetnet_7628xp-4f-eu:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6B566F22-B0BA-4259-B104-AFCEA5ECCA70" } ] } @@ -1170,8 +1170,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet7628xp-4f-eu_firmware:1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "D2497E2C-4AD1-486A-B4FC-8F1A7E12D149" + "criteria": "cpe:2.3:o:korenix:jetnet_7628xp-4f-eu_firmware:1.1:*:*:*:*:*:*:*", + "matchCriteriaId": "72B8862C-DA86-46DD-957A-7B88C6C42927" } ] }, @@ -1181,8 +1181,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet7628xp-4f-eu:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50EB8AFE-42F2-453D-BBE4-75B3629CDF6B" + "criteria": "cpe:2.3:h:korenix:jetnet_7628xp-4f-eu:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6B566F22-B0BA-4259-B104-AFCEA5ECCA70" } ] } @@ -1197,8 +1197,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet7628x-4f-us_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "2AB3AC94-D763-4CF7-9C3A-FE72D026FC1A" + "criteria": "cpe:2.3:o:korenix:jetnet_7628x-4f-us_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "C3563599-3CF7-46ED-8734-0A52BA052071" } ] }, @@ -1208,8 +1208,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet7628x-4f-us:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4724A817-C5F4-4AEA-8E8A-04429BCA3344" + "criteria": "cpe:2.3:h:korenix:jetnet_7628x-4f-us:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6C722303-26DB-44AD-BF0D-A7930C52A638" } ] } @@ -1224,8 +1224,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet7628x-4f-eu_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "75826EA2-A247-4981-80DB-1B0653C6C6C3" + "criteria": "cpe:2.3:o:korenix:jetnet_7628x-4f-eu_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "AB06B11C-154D-4B6A-8E8E-A12831F8211E" } ] }, @@ -1235,8 +1235,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet7628x-4f-eu:-:*:*:*:*:*:*:*", - "matchCriteriaId": "96E344A8-27FE-4E48-948B-2C345CC14883" + "criteria": "cpe:2.3:h:korenix:jetnet_7628x-4f-eu:-:*:*:*:*:*:*:*", + "matchCriteriaId": "41AF8048-A100-4BDB-B902-B80E70D89173" } ] } @@ -1251,8 +1251,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:korenix:jetnet7714g-m12_hvdc_firmware:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "DB5460B2-BB27-4FE2-B2EE-B86467DD8EEF" + "criteria": "cpe:2.3:o:korenix:jetnet_7714g-m12_hvdc_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "6624B567-4DF0-4A67-8C14-EB8E4BE1EEDA" } ] }, @@ -1262,8 +1262,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:korenix:jetnet7714g-m12_hvdc:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15EFEB55-14EF-444E-A854-0D6AD4E4AEB3" + "criteria": "cpe:2.3:h:korenix:jetnet_7714g-m12_hvdc:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B0492BC5-5B2C-4DF7-971C-679955DE83AC" } ] } @@ -1276,7 +1276,8 @@ "source": "office@cyberdanube.com", "tags": [ "Exploit", - "Third Party Advisory" + "Third Party Advisory", + "VDB Entry" ] }, { @@ -1284,6 +1285,7 @@ "source": "office@cyberdanube.com", "tags": [ "Exploit", + "Mailing List", "Third Party Advisory" ] }, diff --git a/CVE-2023/CVE-2023-61xx/CVE-2023-6158.json b/CVE-2023/CVE-2023-61xx/CVE-2023-6158.json index ca43a849c66..498ae894082 100644 --- a/CVE-2023/CVE-2023-61xx/CVE-2023-6158.json +++ b/CVE-2023/CVE-2023-61xx/CVE-2023-6158.json @@ -2,16 +2,40 @@ "id": "CVE-2023-6158", "sourceIdentifier": "security@wordfence.com", "published": "2024-01-10T15:15:10.167", - "lastModified": "2024-01-10T16:59:53.407", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T17:36:01.273", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the evo_eventpost_update_meta function in all versions up to, and including, 4.5.4 (for Pro) and 2.2.7 (for free). This makes it possible for unauthenticated attackers to update and remove arbitrary post metadata. Note that certain parameters may allow for content injection." + }, + { + "lang": "es", + "value": "El complemento EventON - WordPress Virtual Event Calendar Plugin para WordPress es vulnerable a modificaciones no autorizadas de datos y p\u00e9rdida de datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n evo_eventpost_update_meta en todas las versiones hasta 4.5.4 (para Pro) y 2.2.7 incluida (gratis). Esto hace posible que atacantes no autenticados actualicen y eliminen metadatos de publicaciones arbitrarias. Tenga en cuenta que ciertos par\u00e1metros pueden permitir la inyecci\u00f3n de contenido." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -34,18 +58,63 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:myeventon:eventon:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "4.5.4", + "matchCriteriaId": "2EDE7CA5-2467-4B83-B8B5-9940A7CBD275" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:myeventon:eventon-lite:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.2.7", + "matchCriteriaId": "131AC85C-5608-42D1-B684-C2844FA4119B" + } + ] + } + ] + } + ], "references": [ { "url": "https://docs.myeventon.com/documentations/eventon-changelog/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3017578/eventon-lite/trunk/includes/admin/class-admin-ajax.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/19f94c4f-145b-4058-aabd-06525fce3cea?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-65xx/CVE-2023-6567.json b/CVE-2023/CVE-2023-65xx/CVE-2023-6567.json index 687f3fe6bf1..ab468655c06 100644 --- a/CVE-2023/CVE-2023-65xx/CVE-2023-6567.json +++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6567.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6567", "sourceIdentifier": "security@wordfence.com", "published": "2024-01-11T09:15:49.407", - "lastModified": "2024-01-11T13:57:26.160", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T18:46:59.213", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -38,14 +58,50 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:thimpress:learnpress:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "4.2.5.8", + "matchCriteriaId": "31CF97A5-E33D-4219-85B7-CC758FC57639" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset/3013957/learnpress", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6ab578cd-3a0b-43d3-aaa7-0a01f431a4e2?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-65xx/CVE-2023-6582.json b/CVE-2023/CVE-2023-65xx/CVE-2023-6582.json index 841a1a0fe34..9bf6fe174c1 100644 --- a/CVE-2023/CVE-2023-65xx/CVE-2023-6582.json +++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6582.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6582", "sourceIdentifier": "security@wordfence.com", "published": "2024-01-11T09:15:49.617", - "lastModified": "2024-01-11T13:57:26.160", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T18:45:11.677", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -38,22 +58,64 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpmet:elements_kit_elementor_addons:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.0.4", + "matchCriteriaId": "F6E2247D-FA3F-40BE-940E-CFF6CFE86C3A" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/elementskit-lite/tags/3.0.3/modules/controls/widget-area-utils.php#L15", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/elementskit-lite/tags/3.0.3/widgets/init/enqueue-scripts.php#L44", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3011323/elementskit-lite/trunk/modules/controls/widget-area-utils.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ff4ae5c8-d164-4c2f-9bf3-83934c22cf4c?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-65xx/CVE-2023-6583.json b/CVE-2023/CVE-2023-65xx/CVE-2023-6583.json index eb4744b40b8..6c248598600 100644 --- a/CVE-2023/CVE-2023-65xx/CVE-2023-6583.json +++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6583.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6583", "sourceIdentifier": "security@wordfence.com", "published": "2024-01-11T09:15:49.777", - "lastModified": "2024-01-11T13:57:26.160", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T18:42:13.750", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -38,14 +58,50 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codection:import_and_export_users_and_customers:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.24.2", + "matchCriteriaId": "9D954D92-332A-48C2-B024-2DCDFEABD020" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset/3007057/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ac709779-36f1-4f66-8db3-95a514a5ea59?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-03xx/CVE-2024-0389.json b/CVE-2024/CVE-2024-03xx/CVE-2024-0389.json index 2bd8689283c..109c633edb4 100644 --- a/CVE-2024/CVE-2024-03xx/CVE-2024-0389.json +++ b/CVE-2024/CVE-2024-03xx/CVE-2024-0389.json @@ -2,16 +2,40 @@ "id": "CVE-2024-0389", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-10T14:15:44.663", - "lastModified": "2024-01-10T16:59:53.407", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T17:35:31.857", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, was found in SourceCodester Student Attendance System 1.0. Affected is an unknown function of the file attendance_report.php. The manipulation of the argument class_id leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-250230 is the identifier assigned to this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en SourceCodester Student Attendance System 1.0 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo attendance_report.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento class_id conduce a la inyecci\u00f3n de SQL. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. VDB-250230 es el identificador asignado a esta vulnerabilidad." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,18 +95,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:student_attendance_system_project:student_attendance_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "04D954BA-08A7-4F4A-B5F7-A0500095AA77" + } + ] + } + ] + } + ], "references": [ { "url": "https://drive.google.com/file/d/1Vi-IGjAZbitDqEvmd9ONrxE0MgB8-v1I/view?usp=sharing", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.250230", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.250230", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-03xx/CVE-2024-0396.json b/CVE-2024/CVE-2024-03xx/CVE-2024-0396.json index 96360dba48f..521cafc2010 100644 --- a/CVE-2024/CVE-2024-03xx/CVE-2024-0396.json +++ b/CVE-2024/CVE-2024-03xx/CVE-2024-0396.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0396", "sourceIdentifier": "security@progress.com", "published": "2024-01-17T16:15:46.623", - "lastModified": "2024-01-17T16:15:46.623", - "vulnStatus": "Received", + "lastModified": "2024-01-17T17:35:02.713", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-04xx/CVE-2024-0468.json b/CVE-2024/CVE-2024-04xx/CVE-2024-0468.json index a89897582b3..9661f2f23f8 100644 --- a/CVE-2024/CVE-2024-04xx/CVE-2024-0468.json +++ b/CVE-2024/CVE-2024-04xx/CVE-2024-0468.json @@ -2,16 +2,40 @@ "id": "CVE-2024-0468", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-12T21:15:10.350", - "lastModified": "2024-01-14T21:42:17.123", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T18:30:21.263", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability has been found in code-projects Fighting Cock Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/action/new-father.php. The manipulation of the argument image leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250573 was assigned to this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad ha sido encontrada en code-projects Fighting Cock Information System 1.0 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo /admin/action/new-father.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento image conduce a una carga sin restricciones. El ataque se puede lanzar de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-250573." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -60,6 +84,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,18 +105,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:code-projects:fighting_cock_information_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "0249E06A-469D-4F3E-9BDE-0A0EC6B58056" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/BxYQ/vul/blob/main/FIGHTING_COCK_INFORMATION_SYSTEM_File9docx.pdf", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Broken Link" + ] }, { "url": "https://vuldb.com/?ctiid.250573", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.250573", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-04xx/CVE-2024-0469.json b/CVE-2024/CVE-2024-04xx/CVE-2024-0469.json index 0a202e49b5e..9937d5c7868 100644 --- a/CVE-2024/CVE-2024-04xx/CVE-2024-0469.json +++ b/CVE-2024/CVE-2024-04xx/CVE-2024-0469.json @@ -2,16 +2,40 @@ "id": "CVE-2024-0469", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-12T21:15:10.573", - "lastModified": "2024-01-14T21:42:17.123", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T18:29:59.303", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in code-projects Human Resource Integrated System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file update_personal_info.php. The manipulation of the argument sex leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-250574 is the identifier assigned to this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en code-projects Human Resource Integrated System 1.0 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo update_personal_info.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento sex conduce a la inyecci\u00f3n SQL. El ataque puede lanzarse de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. VDB-250574 es el identificador asignado a esta vulnerabilidad." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,18 +95,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:code-projects:human_resource_integrated_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "5938CA79-F046-4802-A059-D3CADDB7680B" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/yingqian1984/FirePunch/blob/main/11-Human%20Resource%20Integrated%20System%20has%20SQL%20injection%20vulnerabilities%20update_personal_info.php.pdf", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Broken Link" + ] }, { "url": "https://vuldb.com/?ctiid.250574", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.250574", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-04xx/CVE-2024-0470.json b/CVE-2024/CVE-2024-04xx/CVE-2024-0470.json index 726b491a08f..7057e2aa88a 100644 --- a/CVE-2024/CVE-2024-04xx/CVE-2024-0470.json +++ b/CVE-2024/CVE-2024-04xx/CVE-2024-0470.json @@ -2,16 +2,40 @@ "id": "CVE-2024-0470", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-12T21:15:10.800", - "lastModified": "2024-01-14T21:42:17.123", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T18:27:01.340", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in code-projects Human Resource Integrated System 1.0. It has been classified as critical. This affects an unknown part of the file /admin_route/inc_service_credits.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250575." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en code-projects Human Resource Integrated System 1.0. Ha sido clasificada como cr\u00edtica. Esto afecta a una parte desconocida del archivo /admin_route/inc_service_credits.php. La manipulaci\u00f3n del argumento id conduce a la inyecci\u00f3n de SQL. Es posible iniciar el ataque de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-250575." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,18 +95,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fabianros:human_resource_integrated_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "97ADC395-708B-46E6-9FDB-B97645F44831" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/yingqian1984/FirePunch/blob/main/11-Human%20Resource%20Integrated%20System%20has%20SQL%20injection%20vulnerabilities%20inc_service_credits.php.pdf", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Broken Link" + ] }, { "url": "https://vuldb.com/?ctiid.250575", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.250575", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-04xx/CVE-2024-0471.json b/CVE-2024/CVE-2024-04xx/CVE-2024-0471.json index c761b029b7c..98e9a13eb34 100644 --- a/CVE-2024/CVE-2024-04xx/CVE-2024-0471.json +++ b/CVE-2024/CVE-2024-04xx/CVE-2024-0471.json @@ -2,16 +2,40 @@ "id": "CVE-2024-0471", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-12T21:15:11.050", - "lastModified": "2024-01-14T21:42:17.123", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T18:27:15.440", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in code-projects Human Resource Integrated System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin_route/dec_service_credits.php. The manipulation of the argument date leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250576." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en code-projects Human Resource Integrated System 1.0. Ha sido declarada cr\u00edtica. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo /admin_route/dec_service_credits.php. La manipulaci\u00f3n del argumento date conduce a la inyecci\u00f3n de SQL. El ataque se puede iniciar de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-250576." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,18 +95,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fabianros:human_resource_integrated_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "97ADC395-708B-46E6-9FDB-B97645F44831" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/yingqian1984/FirePunch/blob/main/11-Human%20Resource%20Integrated%20System%20has%20SQL%20injection%20vulnerabilities%20dec_service_credits.php.pdf", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Broken Link" + ] }, { "url": "https://vuldb.com/?ctiid.250576", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.250576", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0639.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0639.json index e2800daea1a..b0de6fdb6e6 100644 --- a/CVE-2024/CVE-2024-06xx/CVE-2024-0639.json +++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0639.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0639", "sourceIdentifier": "secalert@redhat.com", "published": "2024-01-17T16:15:46.810", - "lastModified": "2024-01-17T16:15:46.810", - "vulnStatus": "Received", + "lastModified": "2024-01-17T17:35:02.713", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0641.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0641.json index 9ff9ddedca2..df9228d0e34 100644 --- a/CVE-2024/CVE-2024-06xx/CVE-2024-0641.json +++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0641.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0641", "sourceIdentifier": "secalert@redhat.com", "published": "2024-01-17T16:15:47.003", - "lastModified": "2024-01-17T16:15:47.003", - "vulnStatus": "Received", + "lastModified": "2024-01-17T17:35:02.713", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0642.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0642.json index 34f8fcfaec5..a9663e139e0 100644 --- a/CVE-2024/CVE-2024-06xx/CVE-2024-0642.json +++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0642.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0642", "sourceIdentifier": "cve-coordination@incibe.es", "published": "2024-01-17T14:15:43.470", - "lastModified": "2024-01-17T14:15:43.470", - "vulnStatus": "Received", + "lastModified": "2024-01-17T17:35:08.140", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0643.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0643.json index b00db8e00da..fc3cd48790f 100644 --- a/CVE-2024/CVE-2024-06xx/CVE-2024-0643.json +++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0643.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0643", "sourceIdentifier": "cve-coordination@incibe.es", "published": "2024-01-17T14:15:43.920", - "lastModified": "2024-01-17T14:15:43.920", - "vulnStatus": "Received", + "lastModified": "2024-01-17T17:35:08.140", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0645.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0645.json index 318cba3cd64..a05a19a9e99 100644 --- a/CVE-2024/CVE-2024-06xx/CVE-2024-0645.json +++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0645.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0645", "sourceIdentifier": "cve-coordination@incibe.es", "published": "2024-01-17T14:15:44.113", - "lastModified": "2024-01-17T14:15:44.113", - "vulnStatus": "Received", + "lastModified": "2024-01-17T17:35:08.140", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0646.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0646.json index 98aa679dc6a..da98f3aa5ff 100644 --- a/CVE-2024/CVE-2024-06xx/CVE-2024-0646.json +++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0646.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0646", "sourceIdentifier": "secalert@redhat.com", "published": "2024-01-17T16:15:47.190", - "lastModified": "2024-01-17T16:15:47.190", - "vulnStatus": "Received", + "lastModified": "2024-01-17T17:35:02.713", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-202xx/CVE-2024-20251.json b/CVE-2024/CVE-2024-202xx/CVE-2024-20251.json new file mode 100644 index 00000000000..8a80d3e34c3 --- /dev/null +++ b/CVE-2024/CVE-2024-202xx/CVE-2024-20251.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2024-20251", + "sourceIdentifier": "ykramarz@cisco.com", + "published": "2024-01-17T17:15:11.350", + "lastModified": "2024-01-17T17:35:02.713", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ykramarz@cisco.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ISE-XSS-bL4VTML", + "source": "ykramarz@cisco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-202xx/CVE-2024-20270.json b/CVE-2024/CVE-2024-202xx/CVE-2024-20270.json new file mode 100644 index 00000000000..22dc57f5c1a --- /dev/null +++ b/CVE-2024/CVE-2024-202xx/CVE-2024-20270.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2024-20270", + "sourceIdentifier": "ykramarz@cisco.com", + "published": "2024-01-17T17:15:11.627", + "lastModified": "2024-01-17T17:35:02.713", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.\r\n\r This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ykramarz@cisco.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-broadworks-xss-6syj82Ju", + "source": "ykramarz@cisco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-202xx/CVE-2024-20272.json b/CVE-2024/CVE-2024-202xx/CVE-2024-20272.json new file mode 100644 index 00000000000..534ad5f7939 --- /dev/null +++ b/CVE-2024/CVE-2024-202xx/CVE-2024-20272.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2024-20272", + "sourceIdentifier": "ykramarz@cisco.com", + "published": "2024-01-17T17:15:12.130", + "lastModified": "2024-01-17T17:35:02.713", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system and execute commands on the underlying operating system. This vulnerability is due to a lack of authentication in a specific API and improper validation of user-supplied data. An attacker could exploit this vulnerability by uploading arbitrary files to an affected system. A successful exploit could allow the attacker to store malicious files on the system, execute arbitrary commands on the operating system, and elevate privileges to root." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ykramarz@cisco.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ] + }, + "references": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuc-unauth-afu-FROYsCsD", + "source": "ykramarz@cisco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-202xx/CVE-2024-20277.json b/CVE-2024/CVE-2024-202xx/CVE-2024-20277.json new file mode 100644 index 00000000000..f8be4b4022a --- /dev/null +++ b/CVE-2024/CVE-2024-202xx/CVE-2024-20277.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2024-20277", + "sourceIdentifier": "ykramarz@cisco.com", + "published": "2024-01-17T17:15:12.300", + "lastModified": "2024-01-17T17:35:02.713", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in the web-based management interface of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, remote attacker to perform a command injection and elevate privileges to root. This vulnerability is due to insufficient validation of user-supplied input for the web interface. An attacker could exploit this vulnerability by sending a crafted HTTP packet to the affected device. A successful exploit could allow the attacker to execute arbitrary commands and elevate privileges to root." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ykramarz@cisco.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-thouseyes-privesc-DmzHG3Qv", + "source": "ykramarz@cisco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-202xx/CVE-2024-20287.json b/CVE-2024/CVE-2024-202xx/CVE-2024-20287.json new file mode 100644 index 00000000000..4fd2e7ebc18 --- /dev/null +++ b/CVE-2024/CVE-2024-202xx/CVE-2024-20287.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2024-20287", + "sourceIdentifier": "ykramarz@cisco.com", + "published": "2024-01-17T17:15:12.467", + "lastModified": "2024-01-17T17:35:02.713", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in the web-based management interface of the Cisco WAP371 Wireless-AC/N Dual Radio Access Point (AP) with Single Point Setup could allow an authenticated, remote attacker to perform command injection attacks against an affected device. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the device. To exploit this vulnerability, the attacker must have valid administrative credentials for the device." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ykramarz@cisco.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.2 + } + ] + }, + "references": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-wap-inject-bHStWgXO", + "source": "ykramarz@cisco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-206xx/CVE-2024-20653.json b/CVE-2024/CVE-2024-206xx/CVE-2024-20653.json index 89186869756..a540cc363e8 100644 --- a/CVE-2024/CVE-2024-206xx/CVE-2024-20653.json +++ b/CVE-2024/CVE-2024-206xx/CVE-2024-20653.json @@ -2,12 +2,16 @@ "id": "CVE-2024-20653", "sourceIdentifier": "secure@microsoft.com", "published": "2024-01-09T18:15:47.940", - "lastModified": "2024-01-09T19:56:14.023", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T17:04:25.387", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Microsoft Common Log File System Elevation of Privilege Vulnerability" + }, + { + "lang": "es", + "value": "Vulnerabilidad de elevaci\u00f3n de privilegios del sistema de archivos de registro com\u00fan de Microsoft" } ], "metrics": { @@ -34,10 +38,187 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.10240.20402", + "matchCriteriaId": "46ABD897-272E-49BD-BCD1-79EA0908349D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.10240.20402", + "matchCriteriaId": "B85886E7-0E67-4BBD-9E42-4507DF422BCF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.14393.6614", + "matchCriteriaId": "1301CF7B-D772-4AAA-BFF2-88BF493A324E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.14393.6614", + "matchCriteriaId": "DDEB129C-34A6-47E5-A652-51FCE0A3A880" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.17763.5329", + "matchCriteriaId": "F0470D92-707F-4073-886A-ECDC4F2E1CAC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.17763.5329", + "matchCriteriaId": "9C150F7E-8967-4AB8-8DF8-EBC89A10D554" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.17763.5329", + "matchCriteriaId": "A7997F10-4040-4664-B55E-0039E25B4F79" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.19044.3930", + "matchCriteriaId": "C541A6B6-7D07-4EA9-89FF-81D815A9476F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.19044.3930", + "matchCriteriaId": "5BFCE595-C6A9-4F10-9EC7-58C1D66BB436" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.19044.3930", + "matchCriteriaId": "A49993E0-2369-48E3-A925-6405722F1A19" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.19045.3930", + "matchCriteriaId": "5D738639-84ED-4215-82F1-7D94D68D3396" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.19045.3930", + "matchCriteriaId": "047947E7-B85E-4D6A-9B92-E39E4828206E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.19045.3930", + "matchCriteriaId": "45296209-531C-48D1-84DA-FAD9E28E7999" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.22000.2713", + "matchCriteriaId": "6FA472E2-4501-4597-9979-796258111DA5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.22000.2713", + "matchCriteriaId": "0F377DD9-2DBF-4202-AF3F-6AC6A809F4E2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.22621.3007", + "matchCriteriaId": "C48178EC-BDEE-4F78-BCFB-B125F5CA0A9E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.22621.3007", + "matchCriteriaId": "04C81079-1855-4F8C-A9E2-3E2CC796C4F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.22631.3007", + "matchCriteriaId": "91F6049F-03C1-494C-8AA1-6DE27D335139" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.22631.3007", + "matchCriteriaId": "A00CE59A-0762-4AA4-99DA-5C9545F85666" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", + "matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", + "matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20653", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-206xx/CVE-2024-20656.json b/CVE-2024/CVE-2024-206xx/CVE-2024-20656.json index 788f7f49894..6562ebc0c78 100644 --- a/CVE-2024/CVE-2024-206xx/CVE-2024-20656.json +++ b/CVE-2024/CVE-2024-206xx/CVE-2024-20656.json @@ -2,12 +2,16 @@ "id": "CVE-2024-20656", "sourceIdentifier": "secure@microsoft.com", "published": "2024-01-09T18:15:48.490", - "lastModified": "2024-01-09T19:56:14.023", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T17:22:25.503", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Visual Studio Elevation of Privilege Vulnerability" + }, + { + "lang": "es", + "value": "Vulnerabilidad de elevaci\u00f3n de privilegios en Visual Studio" } ], "metrics": { @@ -34,10 +38,78 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*", + "matchCriteriaId": "62FE95C2-066B-491D-82BF-3EF173822B2F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", + "versionStartIncluding": "15.0", + "versionEndExcluding": "15.9.59", + "matchCriteriaId": "8A3FE761-3245-4763-9FC8-FA81B2AFC945" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", + "versionStartIncluding": "16.0", + "versionEndExcluding": "16.11.33", + "matchCriteriaId": "EEAEA929-9BCB-463F-BFD7-E56E9BEB8AB3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.2", + "versionEndExcluding": "17.2.23", + "matchCriteriaId": "05D999A1-AB25-4642-8D94-07AD00FEE820" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.4", + "versionEndExcluding": "17.4.15", + "matchCriteriaId": "AE1C61FB-CC6B-4D88-8B7F-FFE9D1238A6C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.6", + "versionEndExcluding": "17.6.11", + "matchCriteriaId": "7CA9C0A3-7D62-40CE-8493-514CB313F72C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20656", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-206xx/CVE-2024-20657.json b/CVE-2024/CVE-2024-206xx/CVE-2024-20657.json index 48ba278b85c..7e9ff93d2a4 100644 --- a/CVE-2024/CVE-2024-206xx/CVE-2024-20657.json +++ b/CVE-2024/CVE-2024-206xx/CVE-2024-20657.json @@ -2,12 +2,16 @@ "id": "CVE-2024-20657", "sourceIdentifier": "secure@microsoft.com", "published": "2024-01-09T18:15:48.670", - "lastModified": "2024-01-09T19:56:14.023", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T17:28:35.963", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Windows Group Policy Elevation of Privilege Vulnerability" + }, + { + "lang": "es", + "value": "Vulnerabilidad de elevaci\u00f3n de privilegios en la pol\u00edtica de grupo de Windows" } ], "metrics": { @@ -34,10 +38,187 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.10240.20402", + "matchCriteriaId": "46ABD897-272E-49BD-BCD1-79EA0908349D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.10240.20402", + "matchCriteriaId": "B85886E7-0E67-4BBD-9E42-4507DF422BCF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.14393.6614", + "matchCriteriaId": "1301CF7B-D772-4AAA-BFF2-88BF493A324E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.14393.6614", + "matchCriteriaId": "DDEB129C-34A6-47E5-A652-51FCE0A3A880" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.17763.5329", + "matchCriteriaId": "F0470D92-707F-4073-886A-ECDC4F2E1CAC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.17763.5329", + "matchCriteriaId": "9C150F7E-8967-4AB8-8DF8-EBC89A10D554" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.17763.5329", + "matchCriteriaId": "A7997F10-4040-4664-B55E-0039E25B4F79" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.19044.3930", + "matchCriteriaId": "C541A6B6-7D07-4EA9-89FF-81D815A9476F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.19044.3930", + "matchCriteriaId": "5BFCE595-C6A9-4F10-9EC7-58C1D66BB436" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.19044.3930", + "matchCriteriaId": "A49993E0-2369-48E3-A925-6405722F1A19" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.19045.3930", + "matchCriteriaId": "5D738639-84ED-4215-82F1-7D94D68D3396" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.19045.3930", + "matchCriteriaId": "047947E7-B85E-4D6A-9B92-E39E4828206E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.19045.3930", + "matchCriteriaId": "45296209-531C-48D1-84DA-FAD9E28E7999" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.22000.2713", + "matchCriteriaId": "6FA472E2-4501-4597-9979-796258111DA5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.22000.2713", + "matchCriteriaId": "0F377DD9-2DBF-4202-AF3F-6AC6A809F4E2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.22621.3007", + "matchCriteriaId": "C48178EC-BDEE-4F78-BCFB-B125F5CA0A9E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.22621.3007", + "matchCriteriaId": "04C81079-1855-4F8C-A9E2-3E2CC796C4F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.22631.3007", + "matchCriteriaId": "91F6049F-03C1-494C-8AA1-6DE27D335139" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.22631.3007", + "matchCriteriaId": "A00CE59A-0762-4AA4-99DA-5C9545F85666" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", + "matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", + "matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20657", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-207xx/CVE-2024-20714.json b/CVE-2024/CVE-2024-207xx/CVE-2024-20714.json index aafb243ae92..9ab319b291b 100644 --- a/CVE-2024/CVE-2024-207xx/CVE-2024-20714.json +++ b/CVE-2024/CVE-2024-207xx/CVE-2024-20714.json @@ -2,18 +2,22 @@ "id": "CVE-2024-20714", "sourceIdentifier": "psirt@adobe.com", "published": "2024-01-10T13:15:49.703", - "lastModified": "2024-01-10T13:56:00.697", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T17:31:11.130", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + }, + { + "lang": "es", + "value": "Las versiones 2.1.3 y anteriores de Adobe Substance 3D Stager se ven afectadas por una vulnerabilidad de lectura fuera de los l\u00edmites que podr\u00eda provocar la divulgaci\u00f3n de memoria confidencial. Un atacante podr\u00eda aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso." } ], "metrics": { "cvssMetricV31": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -31,6 +35,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 3.6 + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 } ] }, @@ -46,10 +70,49 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:substance_3d_stager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.1.3", + "matchCriteriaId": "2CA28535-8EC9-4966-B508-00F187105C3D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/substance3d_stager/apsb24-06.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-207xx/CVE-2024-20715.json b/CVE-2024/CVE-2024-207xx/CVE-2024-20715.json index 28fb178a93b..390f4d1f641 100644 --- a/CVE-2024/CVE-2024-207xx/CVE-2024-20715.json +++ b/CVE-2024/CVE-2024-207xx/CVE-2024-20715.json @@ -2,18 +2,22 @@ "id": "CVE-2024-20715", "sourceIdentifier": "psirt@adobe.com", "published": "2024-01-10T13:15:49.900", - "lastModified": "2024-01-10T13:56:00.697", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-17T17:33:43.200", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + }, + { + "lang": "es", + "value": "Las versiones 2.1.3 y anteriores de Adobe Substance 3D Stager se ven afectadas por una vulnerabilidad de lectura fuera de los l\u00edmites que podr\u00eda provocar la divulgaci\u00f3n de memoria confidencial. Un atacante podr\u00eda aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso." } ], "metrics": { "cvssMetricV31": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -31,6 +35,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 3.6 + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 } ] }, @@ -46,10 +70,49 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:substance_3d_stager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.1.3", + "matchCriteriaId": "2CA28535-8EC9-4966-B508-00F187105C3D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/substance3d_stager/apsb24-06.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-227xx/CVE-2024-22714.json b/CVE-2024/CVE-2024-227xx/CVE-2024-22714.json new file mode 100644 index 00000000000..37ce8388ef6 --- /dev/null +++ b/CVE-2024/CVE-2024-227xx/CVE-2024-22714.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-22714", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-01-17T18:15:45.410", + "lastModified": "2024-01-17T18:15:45.410", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Stupid Simple CMS <=1.2.4 is vulnerable to Cross Site Scripting (XSS) in the editing section of the article content." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/RumblingIsOccupied/cms/blob/main/2.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-227xx/CVE-2024-22715.json b/CVE-2024/CVE-2024-227xx/CVE-2024-22715.json new file mode 100644 index 00000000000..a3c7721db09 --- /dev/null +++ b/CVE-2024/CVE-2024-227xx/CVE-2024-22715.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-22715", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-01-17T18:15:45.457", + "lastModified": "2024-01-17T18:15:45.457", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Stupid Simple CMS <=1.2.4 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin-edit.php." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/RumblingIsOccupied/cms/blob/main/1.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 701447a7de8..1a905b97188 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-01-17T17:00:25.501586+00:00 +2024-01-17T19:00:25.032103+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-01-17T16:15:47.190000+00:00 +2024-01-17T18:52:03.727000+00:00 ``` ### Last Data Feed Release @@ -29,54 +29,64 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -236218 +236238 ``` ### CVEs added in the last Commit -Recently added CVEs: `10` +Recently added CVEs: `20` -* [CVE-2022-36418](CVE-2022/CVE-2022-364xx/CVE-2022-36418.json) (`2024-01-17T16:15:45.817`) -* [CVE-2022-38141](CVE-2022/CVE-2022-381xx/CVE-2022-38141.json) (`2024-01-17T16:15:46.033`) -* [CVE-2022-40203](CVE-2022/CVE-2022-402xx/CVE-2022-40203.json) (`2024-01-17T16:15:46.230`) -* [CVE-2023-5006](CVE-2023/CVE-2023-50xx/CVE-2023-5006.json) (`2024-01-17T15:15:10.803`) -* [CVE-2023-5041](CVE-2023/CVE-2023-50xx/CVE-2023-5041.json) (`2024-01-17T15:15:10.850`) -* [CVE-2023-34379](CVE-2023/CVE-2023-343xx/CVE-2023-34379.json) (`2024-01-17T16:15:46.427`) -* [CVE-2024-0396](CVE-2024/CVE-2024-03xx/CVE-2024-0396.json) (`2024-01-17T16:15:46.623`) -* [CVE-2024-0639](CVE-2024/CVE-2024-06xx/CVE-2024-0639.json) (`2024-01-17T16:15:46.810`) -* [CVE-2024-0641](CVE-2024/CVE-2024-06xx/CVE-2024-0641.json) (`2024-01-17T16:15:47.003`) -* [CVE-2024-0646](CVE-2024/CVE-2024-06xx/CVE-2024-0646.json) (`2024-01-17T16:15:47.190`) +* [CVE-2022-40702](CVE-2022/CVE-2022-407xx/CVE-2022-40702.json) (`2024-01-17T17:15:09.120`) +* [CVE-2022-41619](CVE-2022/CVE-2022-416xx/CVE-2022-41619.json) (`2024-01-17T17:15:09.333`) +* [CVE-2022-41695](CVE-2022/CVE-2022-416xx/CVE-2022-41695.json) (`2024-01-17T17:15:09.550`) +* [CVE-2022-41990](CVE-2022/CVE-2022-419xx/CVE-2022-41990.json) (`2024-01-17T17:15:09.757`) +* [CVE-2022-41786](CVE-2022/CVE-2022-417xx/CVE-2022-41786.json) (`2024-01-17T18:15:45.000`) +* [CVE-2022-41790](CVE-2022/CVE-2022-417xx/CVE-2022-41790.json) (`2024-01-17T18:15:45.207`) +* [CVE-2023-20257](CVE-2023/CVE-2023-202xx/CVE-2023-20257.json) (`2024-01-17T17:15:09.960`) +* [CVE-2023-20258](CVE-2023/CVE-2023-202xx/CVE-2023-20258.json) (`2024-01-17T17:15:10.147`) +* [CVE-2023-20260](CVE-2023/CVE-2023-202xx/CVE-2023-20260.json) (`2024-01-17T17:15:10.323`) +* [CVE-2023-20271](CVE-2023/CVE-2023-202xx/CVE-2023-20271.json) (`2024-01-17T17:15:10.540`) +* [CVE-2023-23882](CVE-2023/CVE-2023-238xx/CVE-2023-23882.json) (`2024-01-17T17:15:10.720`) +* [CVE-2023-23896](CVE-2023/CVE-2023-238xx/CVE-2023-23896.json) (`2024-01-17T17:15:10.913`) +* [CVE-2023-50950](CVE-2023/CVE-2023-509xx/CVE-2023-50950.json) (`2024-01-17T17:15:11.143`) +* [CVE-2024-20251](CVE-2024/CVE-2024-202xx/CVE-2024-20251.json) (`2024-01-17T17:15:11.350`) +* [CVE-2024-20270](CVE-2024/CVE-2024-202xx/CVE-2024-20270.json) (`2024-01-17T17:15:11.627`) +* [CVE-2024-20272](CVE-2024/CVE-2024-202xx/CVE-2024-20272.json) (`2024-01-17T17:15:12.130`) +* [CVE-2024-20277](CVE-2024/CVE-2024-202xx/CVE-2024-20277.json) (`2024-01-17T17:15:12.300`) +* [CVE-2024-20287](CVE-2024/CVE-2024-202xx/CVE-2024-20287.json) (`2024-01-17T17:15:12.467`) +* [CVE-2024-22714](CVE-2024/CVE-2024-227xx/CVE-2024-22714.json) (`2024-01-17T18:15:45.410`) +* [CVE-2024-22715](CVE-2024/CVE-2024-227xx/CVE-2024-22715.json) (`2024-01-17T18:15:45.457`) ### CVEs modified in the last Commit -Recently modified CVEs: `40` +Recently modified CVEs: `53` -* [CVE-2023-5376](CVE-2023/CVE-2023-53xx/CVE-2023-5376.json) (`2024-01-17T15:05:39.563`) -* [CVE-2023-49810](CVE-2023/CVE-2023-498xx/CVE-2023-49810.json) (`2024-01-17T15:07:26.067`) -* [CVE-2023-49738](CVE-2023/CVE-2023-497xx/CVE-2023-49738.json) (`2024-01-17T15:08:28.850`) -* [CVE-2023-38022](CVE-2023/CVE-2023-380xx/CVE-2023-38022.json) (`2024-01-17T15:09:09.537`) -* [CVE-2023-49715](CVE-2023/CVE-2023-497xx/CVE-2023-49715.json) (`2024-01-17T15:14:14.103`) -* [CVE-2023-49599](CVE-2023/CVE-2023-495xx/CVE-2023-49599.json) (`2024-01-17T15:14:39.320`) -* [CVE-2023-21830](CVE-2023/CVE-2023-218xx/CVE-2023-21830.json) (`2024-01-17T15:15:10.047`) -* [CVE-2023-21835](CVE-2023/CVE-2023-218xx/CVE-2023-21835.json) (`2024-01-17T15:15:10.157`) -* [CVE-2023-21843](CVE-2023/CVE-2023-218xx/CVE-2023-21843.json) (`2024-01-17T15:15:10.240`) -* [CVE-2023-45229](CVE-2023/CVE-2023-452xx/CVE-2023-45229.json) (`2024-01-17T15:15:10.330`) -* [CVE-2023-45230](CVE-2023/CVE-2023-452xx/CVE-2023-45230.json) (`2024-01-17T15:15:10.400`) -* [CVE-2023-45231](CVE-2023/CVE-2023-452xx/CVE-2023-45231.json) (`2024-01-17T15:15:10.470`) -* [CVE-2023-45232](CVE-2023/CVE-2023-452xx/CVE-2023-45232.json) (`2024-01-17T15:15:10.540`) -* [CVE-2023-45233](CVE-2023/CVE-2023-452xx/CVE-2023-45233.json) (`2024-01-17T15:15:10.610`) -* [CVE-2023-45234](CVE-2023/CVE-2023-452xx/CVE-2023-45234.json) (`2024-01-17T15:15:10.670`) -* [CVE-2023-45235](CVE-2023/CVE-2023-452xx/CVE-2023-45235.json) (`2024-01-17T15:15:10.737`) -* [CVE-2023-49589](CVE-2023/CVE-2023-495xx/CVE-2023-49589.json) (`2024-01-17T15:16:26.823`) -* [CVE-2023-38021](CVE-2023/CVE-2023-380xx/CVE-2023-38021.json) (`2024-01-17T15:17:38.897`) -* [CVE-2023-48730](CVE-2023/CVE-2023-487xx/CVE-2023-48730.json) (`2024-01-17T15:17:52.480`) -* [CVE-2023-48728](CVE-2023/CVE-2023-487xx/CVE-2023-48728.json) (`2024-01-17T15:19:11.497`) -* [CVE-2023-47862](CVE-2023/CVE-2023-478xx/CVE-2023-47862.json) (`2024-01-17T15:21:15.080`) -* [CVE-2023-47861](CVE-2023/CVE-2023-478xx/CVE-2023-47861.json) (`2024-01-17T15:21:57.430`) -* [CVE-2023-47171](CVE-2023/CVE-2023-471xx/CVE-2023-47171.json) (`2024-01-17T15:22:38.970`) -* [CVE-2023-45139](CVE-2023/CVE-2023-451xx/CVE-2023-45139.json) (`2024-01-17T15:36:52.233`) -* [CVE-2024-21907](CVE-2024/CVE-2024-219xx/CVE-2024-21907.json) (`2024-01-17T15:24:07.360`) +* [CVE-2023-52030](CVE-2023/CVE-2023-520xx/CVE-2023-52030.json) (`2024-01-17T18:25:43.917`) +* [CVE-2023-52029](CVE-2023/CVE-2023-520xx/CVE-2023-52029.json) (`2024-01-17T18:26:18.677`) +* [CVE-2023-52028](CVE-2023/CVE-2023-520xx/CVE-2023-52028.json) (`2024-01-17T18:26:49.623`) +* [CVE-2023-40393](CVE-2023/CVE-2023-403xx/CVE-2023-40393.json) (`2024-01-17T18:30:39.897`) +* [CVE-2023-6583](CVE-2023/CVE-2023-65xx/CVE-2023-6583.json) (`2024-01-17T18:42:13.750`) +* [CVE-2023-6582](CVE-2023/CVE-2023-65xx/CVE-2023-6582.json) (`2024-01-17T18:45:11.677`) +* [CVE-2023-6567](CVE-2023/CVE-2023-65xx/CVE-2023-6567.json) (`2024-01-17T18:46:59.213`) +* [CVE-2023-40433](CVE-2023/CVE-2023-404xx/CVE-2023-40433.json) (`2024-01-17T18:52:03.727`) +* [CVE-2024-20653](CVE-2024/CVE-2024-206xx/CVE-2024-20653.json) (`2024-01-17T17:04:25.387`) +* [CVE-2024-20656](CVE-2024/CVE-2024-206xx/CVE-2024-20656.json) (`2024-01-17T17:22:25.503`) +* [CVE-2024-20657](CVE-2024/CVE-2024-206xx/CVE-2024-20657.json) (`2024-01-17T17:28:35.963`) +* [CVE-2024-20714](CVE-2024/CVE-2024-207xx/CVE-2024-20714.json) (`2024-01-17T17:31:11.130`) +* [CVE-2024-20715](CVE-2024/CVE-2024-207xx/CVE-2024-20715.json) (`2024-01-17T17:33:43.200`) +* [CVE-2024-0396](CVE-2024/CVE-2024-03xx/CVE-2024-0396.json) (`2024-01-17T17:35:02.713`) +* [CVE-2024-0639](CVE-2024/CVE-2024-06xx/CVE-2024-0639.json) (`2024-01-17T17:35:02.713`) +* [CVE-2024-0641](CVE-2024/CVE-2024-06xx/CVE-2024-0641.json) (`2024-01-17T17:35:02.713`) +* [CVE-2024-0646](CVE-2024/CVE-2024-06xx/CVE-2024-0646.json) (`2024-01-17T17:35:02.713`) +* [CVE-2024-0642](CVE-2024/CVE-2024-06xx/CVE-2024-0642.json) (`2024-01-17T17:35:08.140`) +* [CVE-2024-0643](CVE-2024/CVE-2024-06xx/CVE-2024-0643.json) (`2024-01-17T17:35:08.140`) +* [CVE-2024-0645](CVE-2024/CVE-2024-06xx/CVE-2024-0645.json) (`2024-01-17T17:35:08.140`) +* [CVE-2024-0389](CVE-2024/CVE-2024-03xx/CVE-2024-0389.json) (`2024-01-17T17:35:31.857`) +* [CVE-2024-0470](CVE-2024/CVE-2024-04xx/CVE-2024-0470.json) (`2024-01-17T18:27:01.340`) +* [CVE-2024-0471](CVE-2024/CVE-2024-04xx/CVE-2024-0471.json) (`2024-01-17T18:27:15.440`) +* [CVE-2024-0469](CVE-2024/CVE-2024-04xx/CVE-2024-0469.json) (`2024-01-17T18:29:59.303`) +* [CVE-2024-0468](CVE-2024/CVE-2024-04xx/CVE-2024-0468.json) (`2024-01-17T18:30:21.263`) ## Download and Usage