Auto-Update: 2023-10-06T14:00:25.028075+00:00

CVE-2015/CVE-2015-101xx/CVE-2015-10125.json

@@ -2,12 +2,16 @@
   "id": "CVE-2015-10125",
   "sourceIdentifier": "cna@vuldb.com",
   "published": "2023-10-05T23:15:09.330",
-  "lastModified": "2023-10-05T23:15:09.330",
-  "vulnStatus": "Received",
+  "lastModified": "2023-10-06T12:48:29.920",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "A vulnerability classified as problematic has been found in WP Ultimate CSV Importer Plugin 3.7.2 on WordPress. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version 3.7.3 is able to address this issue. The identifier of the patch is 13c30af721d3f989caac72dd0f56cf0dc40fad7e. It is recommended to upgrade the affected component. The identifier VDB-241317 was assigned to this vulnerability."
+    },
+    {
+      "lang": "es",
+      "value": "Una vulnerabilidad ha sido encontrada en WP Ultimate CSV Importer Plugin 3.7.2 en WordPress y clasificada como problem\u00e1tica. Esto afecta a una parte desconocida. La manipulaci\u00f3n conduce a cross-site request forgery. Es posible iniciar el ataque de forma remota. La actualizaci\u00f3n a la versi\u00f3n 3.7.3 puede solucionar este problema. El identificador del parche es 13c30af721d3f989caac72dd0f56cf0dc40fad7e. Se recomienda actualizar el componente afectado. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-241317."
     }
   ],
   "metrics": {

CVE-2015/CVE-2015-101xx/CVE-2015-10126.json

@@ -2,8 +2,8 @@
   "id": "CVE-2015-10126",
   "sourceIdentifier": "cna@vuldb.com",
   "published": "2023-10-06T08:15:43.293",
-  "lastModified": "2023-10-06T08:15:43.293",
-  "vulnStatus": "Received",
+  "lastModified": "2023-10-06T12:48:29.920",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2022/CVE-2022-471xx/CVE-2022-47175.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2022-47175",
+  "sourceIdentifier": "audit@patchstack.com",
+  "published": "2023-10-06T13:15:12.097",
+  "lastModified": "2023-10-06T13:17:35.473",
+  "vulnStatus": "Undergoing Analysis",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Cross-Site Request Forgery (CSRF) vulnerability in P Royal Royal Elementor Addons and Templates plugin <=\u00a01.3.75 versions."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "audit@patchstack.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "audit@patchstack.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-352"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://patchstack.com/database/vulnerability/royal-elementor-addons/wordpress-royal-elementor-addons-plugin-1-3-75-multiple-cross-site-request-forgery-csrf?_s_id=cve",
+      "source": "audit@patchstack.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-202xx/CVE-2023-20202.json

@@ -2,16 +2,40 @@
   "id": "CVE-2023-20202",
   "sourceIdentifier": "ykramarz@cisco.com",
   "published": "2023-09-27T18:15:11.177",
-  "lastModified": "2023-09-27T18:31:27.343",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2023-10-06T13:14:27.787",
+  "vulnStatus": "Analyzed",
   "descriptions": [
     {
       "lang": "en",
       "value": "A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition.\r\n\r This vulnerability is due to improper memory management. An attacker could exploit this vulnerability by sending a series of network requests to an affected device. A successful exploit could allow the attacker to cause the wncd process to consume available memory and eventually cause the device to reload, resulting in a DoS condition."
+    },
+    {
+      "lang": "es",
+      "value": "Una vulnerabilidad en el Wireless Network Control daemon (wncd) del software Cisco IOS XE para controladores de LAN inal\u00e1mbrica podr\u00eda permitir que un atacante adyacente no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a una gesti\u00f3n inadecuada de la memoria. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una serie de solicitudes de red a un dispositivo afectado. Un exploit exitoso podr\u00eda permitir que el atacante haga que el proceso wncd consuma memoria disponible y, eventualmente, haga que el dispositivo se recargue, lo que resultar\u00eda en una condici\u00f3n DoS."
     }
   ],
   "metrics": {
     "cvssMetricV31": [
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector": "ADJACENT_NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 6.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.6
+      },
       {
         "source": "ykramarz@cisco.com",
         "type": "Secondary",
@@ -34,10 +58,219 @@
       }
     ]
   },
+  "weaknesses": [
+    {
+      "source": "nvd@nist.gov",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "NVD-CWE-noinfo"
+        }
+      ]
+    }
+  ],
+  "configurations": [
+    {
+      "operator": "AND",
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1:*:*:*:*:*:*:*",
+              "matchCriteriaId": "5B0C2129-8149-4362-827C-A5494C9D398B"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1a:*:*:*:*:*:*:*",
+              "matchCriteriaId": "7452C7E9-6241-42C5-9A7F-13C0BD38A2B4"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1w:*:*:*:*:*:*:*",
+              "matchCriteriaId": "38C48FC4-5362-4B61-8B8C-7CAFFB81045E"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1x:*:*:*:*:*:*:*",
+              "matchCriteriaId": "2BC43383-DF99-4D38-A220-0A202623B36A"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1x1:*:*:*:*:*:*:*",
+              "matchCriteriaId": "B7E6CD08-EC7E-42C1-B2C2-CA5E154545A0"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1y:*:*:*:*:*:*:*",
+              "matchCriteriaId": "DE62DC68-E882-49E7-AAD2-2F73637FFB4A"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2:*:*:*:*:*:*:*",
+              "matchCriteriaId": "D197445E-EC12-429C-BDD4-F63FA5C1B3E3"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2a:*:*:*:*:*:*:*",
+              "matchCriteriaId": "BD27DF50-9E81-4EC5-BA73-513F1DFB972C"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2b:*:*:*:*:*:*:*",
+              "matchCriteriaId": "91A099C9-0C81-4819-BE4A-FE59144C55BD"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1:*:*:*:*:*:*:*",
+              "matchCriteriaId": "42FAEC29-D754-49D6-85F1-F5DDFAF6E80F"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1a:*:*:*:*:*:*:*",
+              "matchCriteriaId": "CCE76032-948F-444F-BA5D-72A34D1CD382"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1b:*:*:*:*:*:*:*",
+              "matchCriteriaId": "9A965A2A-129C-45C3-BCB1-2860F583D020"
+            }
+          ]
+        },
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_9105i:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "93510CF6-232E-4FBD-BF01-79070306FB97"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_9105w:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "77BE20A3-964E-46D3-ACA2-B53A175027D9"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "4081C532-3B10-4FBF-BB22-5BA17BC6FCF8"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "A47C2D6F-8F90-4D74-AFE1-EAE954021F46"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_9124d:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "D7E3AD79-8F3B-4E8E-8226-2B5101F1A3D2"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_9124e:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "8B64B8AB-DD2A-4306-8546-1D64E24868F4"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_9124i:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "54712AF5-EF16-4F83-99BB-D3B8D93AF986"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "E1C8E35A-5A9B-4D56-A753-937D5CFB5B19"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_9136:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "09185C81-6FDF-4E6D-B8F7-E4B5D77909F4"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_9162:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "C9347227-9FA8-46B6-96EF-713543376296"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_9164:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "96E81F0A-5B5C-4DD3-A56F-C7BF53D4B070"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_9166:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "774AEB3E-5D6A-4E66-B0B4-C014A7C180E6"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_9166d1:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "E5133F50-F67C-4195-B18F-887EFC88FA52"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "1B9ED0E5-CB20-4106-9CF2-8EB587B33543"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "2B0E620C-8E09-4F7C-A326-26013173B993"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "FF93F1C8-669F-4ECB-8D81-ECDA7B550175"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "2E0BA345-B7D7-4975-9199-4DC7875BBFD0"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "C559D6F7-B432-4A2A-BE0E-9697CC412C70"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:esw6300:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "09051BC5-CFE7-43EF-975D-BF77724E8776"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:iw9167eh-x-ap:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "7DAC9FCA-D624-4A7D-9FA6-3D163FFE7453"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:iw9167eh-x-urwb:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "08D5D1CC-0D0A-4034-8147-B5574EE42385"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:iw9167eh-x-wgb:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "D2180290-8F76-4BF6-8480-1FC9D1B0D93B"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:iw9167ih-x-ap:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "B01614D9-3D1E-4E8D-B535-20282EBECE6B"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-wncd-HFGMsfSD",
-      "source": "ykramarz@cisco.com"
+      "source": "ykramarz@cisco.com",
+      "tags": [
+        "Vendor Advisory"
+      ]
     }
   ]
 }

CVE-2023/CVE-2023-202xx/CVE-2023-20226.json

@@ -2,16 +2,40 @@
   "id": "CVE-2023-20226",
   "sourceIdentifier": "ykramarz@cisco.com",
   "published": "2023-09-27T18:15:11.307",
-  "lastModified": "2023-09-27T18:31:27.343",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2023-10-06T13:16:14.340",
+  "vulnStatus": "Analyzed",
   "descriptions": [
     {
       "lang": "en",
       "value": "A vulnerability in Application Quality of Experience (AppQoE) and Unified Threat Defense (UTD) on Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition.\r\n\r This vulnerability is due to the mishandling of a crafted packet stream through the AppQoE or UTD application. An attacker could exploit this vulnerability by sending a crafted packet stream through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
+    },
+    {
+      "lang": "es",
+      "value": "Una vulnerabilidad en la Application Quality of Experience (AppQoE) y en el Unified Threat Defense (UTD) en el software Cisco IOS XE podr\u00eda permitir que un atacante remoto no autenticado provoque que un dispositivo afectado se recargue inesperadamente, lo que resultar\u00eda en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe al mal manejo de un flujo de paquetes manipulado a trav\u00e9s de la aplicaci\u00f3n AppQoE o UTD. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un flujo de paquetes manipulado a trav\u00e9s de un dispositivo afectado. Un exploit exitoso podr\u00eda permitir que el atacante provoque que el dispositivo se recargue, lo que resultar\u00eda en una condici\u00f3n DoS."
     }
   ],
   "metrics": {
     "cvssMetricV31": [
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.5,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 3.6
+      },
       {
         "source": "ykramarz@cisco.com",
         "type": "Secondary",
@@ -34,10 +58,234 @@
       }
     ]
   },
+  "weaknesses": [
+    {
+      "source": "nvd@nist.gov",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "NVD-CWE-noinfo"
+        }
+      ]
+    }
+  ],
+  "configurations": [
+    {
+      "operator": "AND",
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1:*:*:*:*:*:*:*",
+              "matchCriteriaId": "38B87B17-C653-40AC-8AE4-066BB1123C88"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1a:*:*:*:*:*:*:*",
+              "matchCriteriaId": "9012A66E-82C4-4ACF-A4BB-37EC54B87B50"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.7.2:*:*:*:*:*:*:*",
+              "matchCriteriaId": "849C6FF1-F7C0-4021-BCA2-A791C87E4F37"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.8.1:*:*:*:*:*:*:*",
+              "matchCriteriaId": "7592C7E3-3735-425F-A276-9EE03224CD5E"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.8.1a:*:*:*:*:*:*:*",
+              "matchCriteriaId": "1103BE75-EB64-4A9A-801E-EDE6A1F861F5"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1:*:*:*:*:*:*:*",
+              "matchCriteriaId": "5B0C2129-8149-4362-827C-A5494C9D398B"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1a:*:*:*:*:*:*:*",
+              "matchCriteriaId": "7452C7E9-6241-42C5-9A7F-13C0BD38A2B4"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2:*:*:*:*:*:*:*",
+              "matchCriteriaId": "D197445E-EC12-429C-BDD4-F63FA5C1B3E3"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2a:*:*:*:*:*:*:*",
+              "matchCriteriaId": "BD27DF50-9E81-4EC5-BA73-513F1DFB972C"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1:*:*:*:*:*:*:*",
+              "matchCriteriaId": "42FAEC29-D754-49D6-85F1-F5DDFAF6E80F"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1a:*:*:*:*:*:*:*",
+              "matchCriteriaId": "CCE76032-948F-444F-BA5D-72A34D1CD382"
+            }
+          ]
+        },
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:a:cisco:catalyst_8000v_edge:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "CF365FC4-46E3-4564-9F25-1C2FBE70057B"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "62564BB8-1282-4597-A645-056298BE7CCB"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4321\\/k9-rf_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "05C90C43-2D7D-43F8-AD7F-421878909AE2"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4321\\/k9-ws_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "445597DA-7EEC-470D-9A71-BC43A9F7DE5E"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4321\\/k9_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "86049773-C88D-4A26-A0D3-D40F3C312AEC"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "9421DBEF-AE42-4234-B49F-FCC34B804D7F"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4331\\/k9-rf_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "6AB4B7C2-4D45-4267-BCBB-57D36C6104A3"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4331\\/k9-ws_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "3B8A4630-8B21-4994-8EF5-E105593A64E5"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4331\\/k9_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "F799DC02-EB06-458C-8545-A174475FE7A2"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4351\\/k9-rf_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "B89FBA68-A8ED-4C5A-916E-A68468F59730"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4351\\/k9-ws_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "CD272E6E-2ED1-4408-8FF7-0B82F9DCBEF8"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4351\\/k9_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "DC278B77-AD63-42AD-B9E8-EE4DE97E27E9"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:c8200-1n-4t:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "CCF17101-9EF9-47BB-B966-0FA9B71AEEFA"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:c8200l-1n-4t:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "E2F0C218-B0FF-4BEC-B76F-1F4BAA6D0960"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:c8500l-8s4x:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "FB2038BF-DC77-4326-B80C-FC3384FED25E"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "5E7E8914-7B25-4097-8B22-6928C1F03D5A"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "B207857B-C483-47DF-9FC7-6A05B866BF60"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "CD26746A-80D1-4C48-BF77-E9F7EEEF7EA7"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "BDB16CCE-1E89-4707-86C1-97F2FB5B62B9"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_ir8340:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "4E6CCE9B-1F88-42AE-AB12-6345C44D597E"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-appqoe-utd-dos-p8O57p5y",
-      "source": "ykramarz@cisco.com"
+      "source": "ykramarz@cisco.com",
+      "tags": [
+        "Vendor Advisory"
+      ]
     }
   ]
 }

CVE-2023/CVE-2023-202xx/CVE-2023-20227.json

@@ -2,16 +2,40 @@
   "id": "CVE-2023-20227",
   "sourceIdentifier": "ykramarz@cisco.com",
   "published": "2023-09-27T18:15:11.370",
-  "lastModified": "2023-09-27T18:31:27.343",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2023-10-06T13:16:55.960",
+  "vulnStatus": "Analyzed",
   "descriptions": [
     {
       "lang": "en",
       "value": "A vulnerability in the Layer 2 Tunneling Protocol (L2TP) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to improper handling of certain L2TP packets. An attacker could exploit this vulnerability by sending crafted L2TP packets to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition.\r\n\r Note: Only traffic directed to the affected system can be used to exploit this vulnerability."
+    },
+    {
+      "lang": "es",
+      "value": "Una vulnerabilidad en la funci\u00f3n Layer 2 Tunneling Protocol (L2TP) del software Cisco IOS XE podr\u00eda permitir que un atacante remoto no autenticado cause una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe al manejo inadecuado de ciertos paquetes L2TP. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando paquetes L2TP manipulados a un dispositivo afectado. Un exploit exitoso podr\u00eda permitir que el atacante haga que el dispositivo se recargue inesperadamente, lo que resultar\u00eda en una condici\u00f3n DoS. Nota: Solo se puede utilizar el tr\u00e1fico dirigido al sistema afectado para aprovechar esta vulnerabilidad."
     }
   ],
   "metrics": {
     "cvssMetricV31": [
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.5,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 3.6
+      },
       {
         "source": "ykramarz@cisco.com",
         "type": "Secondary",
@@ -34,10 +58,725 @@
       }
     ]
   },
+  "weaknesses": [
+    {
+      "source": "nvd@nist.gov",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "NVD-CWE-noinfo"
+        }
+      ]
+    }
+  ],
+  "configurations": [
+    {
+      "operator": "AND",
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1:*:*:*:*:*:*:*",
+              "matchCriteriaId": "57D4F634-03D5-4D9F-901C-7E9CE45F2F38"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1a:*:*:*:*:*:*:*",
+              "matchCriteriaId": "4463A1D1-E169-4F0B-91B2-FA126BB444CB"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1b:*:*:*:*:*:*:*",
+              "matchCriteriaId": "D97F69C3-CAA6-491C-A0B6-6DC12B5AB472"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1c:*:*:*:*:*:*:*",
+              "matchCriteriaId": "CDD58C58-1B0C-4A71-8C02-F555CEF9C253"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1d:*:*:*:*:*:*:*",
+              "matchCriteriaId": "96852D16-AF50-4C70-B125-D2349E6765D7"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1e:*:*:*:*:*:*:*",
+              "matchCriteriaId": "A15B882A-BA60-4932-A55E-F4A798B30EEB"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1s:*:*:*:*:*:*:*",
+              "matchCriteriaId": "5C9C585C-A6EC-4385-B915-046C110BF95F"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.8.2:*:*:*:*:*:*:*",
+              "matchCriteriaId": "5EC2EE60-4A07-4D92-B9BC-BF07CF4F2BE9"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.8.3:*:*:*:*:*:*:*",
+              "matchCriteriaId": "47DBE4ED-1CD8-4134-9B33-17A91F44F17B"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1:*:*:*:*:*:*:*",
+              "matchCriteriaId": "119A964D-ABC8-424D-8097-85B832A833BD"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1a:*:*:*:*:*:*:*",
+              "matchCriteriaId": "0375BF9E-D04B-4E5B-9051-536806ECA44E"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1b:*:*:*:*:*:*:*",
+              "matchCriteriaId": "2266E5A2-B3F6-4389-B8E2-42CB845EC7F9"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1s:*:*:*:*:*:*:*",
+              "matchCriteriaId": "78DE7780-4E8B-4BB6-BDEB-58032EC65851"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.2:*:*:*:*:*:*:*",
+              "matchCriteriaId": "F29CEE37-4044-4A3C-9685-C9C021FD346A"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3:*:*:*:*:*:*:*",
+              "matchCriteriaId": "E1FDA817-3A50-4B9E-8F4E-F613BDB3E9EE"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.4:*:*:*:*:*:*:*",
+              "matchCriteriaId": "E4BF9829-F80E-4837-A420-39B291C4E17B"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.5:*:*:*:*:*:*:*",
+              "matchCriteriaId": "F5AB80E7-0714-44ED-9671-12C877B36A1E"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.5f:*:*:*:*:*:*:*",
+              "matchCriteriaId": "10182B94-6831-461E-B0FC-9476EAB6EBEF"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.6:*:*:*:*:*:*:*",
+              "matchCriteriaId": "961F8312-31B9-44E7-8858-EF8E2134F447"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.7:*:*:*:*:*:*:*",
+              "matchCriteriaId": "3D62EE1B-9A59-406C-B7DF-91B495F3ECFE"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.8:*:*:*:*:*:*:*",
+              "matchCriteriaId": "79CF8D4E-F82A-469C-A8C2-0C203A800A05"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1:*:*:*:*:*:*:*",
+              "matchCriteriaId": "DB6BD18B-B9BD-452F-986E-16A6668E46B6"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1a:*:*:*:*:*:*:*",
+              "matchCriteriaId": "D136D2BC-FFB5-4912-A3B1-BD96148CB9A5"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1b:*:*:*:*:*:*:*",
+              "matchCriteriaId": "A22256FE-431C-4AD9-9E7F-7EAC2D81B1B7"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1c:*:*:*:*:*:*:*",
+              "matchCriteriaId": "5CD5B3AB-27C2-4055-A3B7-0112D089FDA4"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1d:*:*:*:*:*:*:*",
+              "matchCriteriaId": "04081A51-E08F-4114-9276-584E836181D3"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1e:*:*:*:*:*:*:*",
+              "matchCriteriaId": "ADED0D82-2A4D-4235-BFAC-5EE2D862B652"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1f:*:*:*:*:*:*:*",
+              "matchCriteriaId": "62A46516-CEB7-48D4-879B-341963A1FA31"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1g:*:*:*:*:*:*:*",
+              "matchCriteriaId": "D6EF98FA-6DF9-4935-9639-143E08462BC4"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1s:*:*:*:*:*:*:*",
+              "matchCriteriaId": "763664F5-E6CD-4936-B2F8-C5E2D5EA7BB6"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.10.2:*:*:*:*:*:*:*",
+              "matchCriteriaId": "0A443E93-6C4B-4F86-BA7C-7C2A929E795A"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.10.3:*:*:*:*:*:*:*",
+              "matchCriteriaId": "6ECEDD9D-6517-44BA-A95F-D1D5488C0E41"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1:*:*:*:*:*:*:*",
+              "matchCriteriaId": "E91F8704-6DAD-474A-84EA-04E4AF7BB9B1"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1a:*:*:*:*:*:*:*",
+              "matchCriteriaId": "314C7763-A64D-4023-9F3F-9A821AE4151F"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1b:*:*:*:*:*:*:*",
+              "matchCriteriaId": "5820D71D-FC93-45AA-BC58-A26A1A39C936"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1s:*:*:*:*:*:*:*",
+              "matchCriteriaId": "DB26AE0F-85D8-4EAB-B9BD-457DD81FF0FE"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.11.2:*:*:*:*:*:*:*",
+              "matchCriteriaId": "B53E377A-0296-4D7A-B97C-576B0026543D"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*",
+              "matchCriteriaId": "C98DED36-D4B5-48D6-964E-EEEE97936700"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1a:*:*:*:*:*:*:*",
+              "matchCriteriaId": "CD98C9E8-3EA6-4160-970D-37C389576516"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1c:*:*:*:*:*:*:*",
+              "matchCriteriaId": "C8BEFEDA-B01A-480B-B03D-7ED5D08E4B67"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1s:*:*:*:*:*:*:*",
+              "matchCriteriaId": "9027A528-2588-4C06-810B-5BB313FE4323"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1t:*:*:*:*:*:*:*",
+              "matchCriteriaId": "7745ED34-D59D-49CC-B174-96BCA03B3374"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1w:*:*:*:*:*:*:*",
+              "matchCriteriaId": "19AF4CF3-6E79-4EA3-974D-CD451A192BA9"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1x:*:*:*:*:*:*:*",
+              "matchCriteriaId": "313BD54C-073C-4F27-82D5-C99EFC3A20F7"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1y:*:*:*:*:*:*:*",
+              "matchCriteriaId": "93B96E01-3777-4C33-9225-577B469A6CE5"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1z1:*:*:*:*:*:*:*",
+              "matchCriteriaId": "D18B32E3-6B33-4E3D-879A-82E2F0BFC906"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1z2:*:*:*:*:*:*:*",
+              "matchCriteriaId": "46E37204-FC9A-4397-AFA4-9CAC7A116D55"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2:*:*:*:*:*:*:*",
+              "matchCriteriaId": "E5019B59-508E-40B0-9C92-2C26F58E2FBE"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2a:*:*:*:*:*:*:*",
+              "matchCriteriaId": "443D78BA-A3DA-4D1F-A4DF-2F426DC6B841"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2s:*:*:*:*:*:*:*",
+              "matchCriteriaId": "1986DB1F-AD0A-42FE-8EC8-F18BA1AD4F99"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3:*:*:*:*:*:*:*",
+              "matchCriteriaId": "D5750264-2990-4942-85F4-DB9746C5CA2B"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3s:*:*:*:*:*:*:*",
+              "matchCriteriaId": "B9173AD6-6658-4267-AAA7-D50D0B657528"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.4:*:*:*:*:*:*:*",
+              "matchCriteriaId": "7F02EE9D-45B1-43D6-B05D-6FF19472216B"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.4a:*:*:*:*:*:*:*",
+              "matchCriteriaId": "1C1DBBCD-4C5A-43BB-8FB0-6F1AF99ED0D2"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.5:*:*:*:*:*:*:*",
+              "matchCriteriaId": "8FCB9440-F470-45D1-AAFA-01FB5D76B600"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.5a:*:*:*:*:*:*:*",
+              "matchCriteriaId": "3F66ECFE-B631-47AE-995F-024A4E586A85"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.6:*:*:*:*:*:*:*",
+              "matchCriteriaId": "5B736F09-3B51-4B2A-92F6-602847001F15"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.6a:*:*:*:*:*:*:*",
+              "matchCriteriaId": "2F58A94E-B050-4EFA-84BA-43B11BA22E77"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.7:*:*:*:*:*:*:*",
+              "matchCriteriaId": "5E864BB1-FD23-4AB3-9138-5FD8B62EAF5B"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.8:*:*:*:*:*:*:*",
+              "matchCriteriaId": "838D6C2D-C131-4A9C-AAE5-5BF38E637E4B"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1:*:*:*:*:*:*:*",
+              "matchCriteriaId": "E306B09C-CB48-4067-B60C-5F738555EEAC"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1a:*:*:*:*:*:*:*",
+              "matchCriteriaId": "CD446C51-E713-4E46-8328-0A0477D140D2"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1s:*:*:*:*:*:*:*",
+              "matchCriteriaId": "4FF0DD16-D76A-45EA-B01A-20C71AEFA3B4"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1t:*:*:*:*:*:*:*",
+              "matchCriteriaId": "4BDD0CEC-4A19-438D-B2A1-8664A1D8F3C4"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.1.3:*:*:*:*:*:*:*",
+              "matchCriteriaId": "8B4D4659-A304-459F-8AB3-ED6D84B44C0F"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1:*:*:*:*:*:*:*",
+              "matchCriteriaId": "4B7EE7C7-D6C1-4C35-8C80-EAF3FC7E7EFA"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1a:*:*:*:*:*:*:*",
+              "matchCriteriaId": "B51FA707-8DB1-4596-9122-D4BFEF17F400"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1r:*:*:*:*:*:*:*",
+              "matchCriteriaId": "C04DF35A-1B6F-420A-8D84-74EB41BF3700"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1v:*:*:*:*:*:*:*",
+              "matchCriteriaId": "211CC9B2-6108-4C50-AB31-DC527C43053E"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.2.2:*:*:*:*:*:*:*",
+              "matchCriteriaId": "75CCB5F1-27F5-4FF9-8389-0A9ABCF7F070"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.2.3:*:*:*:*:*:*:*",
+              "matchCriteriaId": "08DCCBA3-82D2-4444-B5D3-E5FC58D024F9"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1:*:*:*:*:*:*:*",
+              "matchCriteriaId": "128F95D7-E49F-4B36-8F47-823C0298449E"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1a:*:*:*:*:*:*:*",
+              "matchCriteriaId": "E21B3881-37E9-4C00-9336-12C9C28D1B61"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1w:*:*:*:*:*:*:*",
+              "matchCriteriaId": "E54599DB-A85E-4EEA-9985-2CBF90E28A08"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1x:*:*:*:*:*:*:*",
+              "matchCriteriaId": "4046C325-7EDB-4C95-AA98-541BEC8F9E0F"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1z:*:*:*:*:*:*:*",
+              "matchCriteriaId": "E5B70A3D-CBE1-4218-A7B4-F85741A57BD7"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.2:*:*:*:*:*:*:*",
+              "matchCriteriaId": "2B270A04-9961-4E99-806B-441CD674AFBD"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.2a:*:*:*:*:*:*:*",
+              "matchCriteriaId": "1360069D-0358-4746-8C3F-44C2A40988D7"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.3:*:*:*:*:*:*:*",
+              "matchCriteriaId": "C5DD2403-113B-4100-8BD4-90E1927E6648"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4:*:*:*:*:*:*:*",
+              "matchCriteriaId": "DAF73937-BCE2-4BEF-B4B0-83212DA4A6C8"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4a:*:*:*:*:*:*:*",
+              "matchCriteriaId": "2DDB1E60-C2A9-4570-BE80-F3D478A53738"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4c:*:*:*:*:*:*:*",
+              "matchCriteriaId": "0CEF022B-271F-4017-B74B-82748D5EBA01"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5:*:*:*:*:*:*:*",
+              "matchCriteriaId": "6B2902D8-3A7B-4C47-9BC6-8CA4C580A346"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5a:*:*:*:*:*:*:*",
+              "matchCriteriaId": "8871B890-78F4-4D9D-AEFF-6A393493C51E"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5b:*:*:*:*:*:*:*",
+              "matchCriteriaId": "9E489AC5-A445-44FF-AA85-F0915577384E"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.6:*:*:*:*:*:*:*",
+              "matchCriteriaId": "917BA05C-2A18-4C68-B508-85C2B5A94416"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.7:*:*:*:*:*:*:*",
+              "matchCriteriaId": "06337791-7D8D-4EAA-BACC-4E270F377B3E"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1:*:*:*:*:*:*:*",
+              "matchCriteriaId": "5A6B707B-4543-41F1-83DF-49A93BF56FB1"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1a:*:*:*:*:*:*:*",
+              "matchCriteriaId": "DC8F611B-D347-4A21-90E6-56CF4D8A35A3"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1b:*:*:*:*:*:*:*",
+              "matchCriteriaId": "D9A92CE4-B4B0-4C14-AE11-8DFE511406F3"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.4.2:*:*:*:*:*:*:*",
+              "matchCriteriaId": "274E3E6F-4280-4EAE-B102-1BE57FE1F1D2"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.4.2a:*:*:*:*:*:*:*",
+              "matchCriteriaId": "46B52A51-51DB-4A12-AB1D-8D9605226599"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1:*:*:*:*:*:*:*",
+              "matchCriteriaId": "938B0720-8CA7-43BA-9708-5CE9EC7A565A"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1a:*:*:*:*:*:*:*",
+              "matchCriteriaId": "D4BE7166-DBD3-4CE6-A14A-725FE896B85E"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1b:*:*:*:*:*:*:*",
+              "matchCriteriaId": "4B5244CD-ECFA-4CCD-B611-C5A59368C5E1"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1c:*:*:*:*:*:*:*",
+              "matchCriteriaId": "BDEDC7A0-D031-433B-ABF5-4EC0A43D80CC"
+            }
+          ]
+        },
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:a:cisco:catalyst_8000v_edge:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "CF365FC4-46E3-4564-9F25-1C2FBE70057B"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:a:cisco:cloud_services_router_1000v:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "237136F5-5A1B-4033-8B7C-CDAD66AF25DF"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:1000_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "F4856E07-B3C2-4674-9584-866F6AF643B2"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "62564BB8-1282-4597-A645-056298BE7CCB"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4321\\/k9-rf_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "05C90C43-2D7D-43F8-AD7F-421878909AE2"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4321\\/k9-ws_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "445597DA-7EEC-470D-9A71-BC43A9F7DE5E"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4321\\/k9_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "86049773-C88D-4A26-A0D3-D40F3C312AEC"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "9421DBEF-AE42-4234-B49F-FCC34B804D7F"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4331\\/k9-rf_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "6AB4B7C2-4D45-4267-BCBB-57D36C6104A3"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4331\\/k9-ws_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "3B8A4630-8B21-4994-8EF5-E105593A64E5"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4331\\/k9_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "F799DC02-EB06-458C-8545-A174475FE7A2"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4351\\/k9-rf_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "B89FBA68-A8ED-4C5A-916E-A68468F59730"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4351\\/k9-ws_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "CD272E6E-2ED1-4408-8FF7-0B82F9DCBEF8"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4351\\/k9_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "DC278B77-AD63-42AD-B9E8-EE4DE97E27E9"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4451_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "82225D40-537F-41D2-B1C4-1B7D06466B06"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "E8B60888-6E2B-494E-AC65-83337661EE7D"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:c8200-1n-4t:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "CCF17101-9EF9-47BB-B966-0FA9B71AEEFA"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:c8200l-1n-4t:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "E2F0C218-B0FF-4BEC-B76F-1F4BAA6D0960"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:c8500l-8s4x:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "FB2038BF-DC77-4326-B80C-FC3384FED25E"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "5E7E8914-7B25-4097-8B22-6928C1F03D5A"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "B207857B-C483-47DF-9FC7-6A05B866BF60"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "CD26746A-80D1-4C48-BF77-E9F7EEEF7EA7"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "BDB16CCE-1E89-4707-86C1-97F2FB5B62B9"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:vg400-2fxs\\/2fxo:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "9FC16DF0-4615-4708-94C7-65C1904E0C88"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:vg400-4fxs\\/4fxo:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "12929A1A-E99D-42F8-98A7-1A4834776C33"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:vg400-6fxs\\/6fxo:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "1AAF0FE8-6B3D-4E05-BA56-68C348823702"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:vg400-8fxs:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "C55C2498-7DDF-4B67-ACF6-3E2F908691F7"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:vg420-132fxs\\/6fxo:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "7AC254AB-3347-4331-B50A-97E7EE6386F1"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:vg420-144fxs:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "8C350434-E44A-414F-A78A-EAE4F9768CE2"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:vg420-84fxs\\/6fxo:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "B122209A-F538-4DE9-9074-1460FA32FD42"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:vg450-144fxs\\/k9:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "16F71181-1455-495A-A644-5D97DEC2624E"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:vg450-72fxs\\/k9:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "6D6E3CD4-B437-43D7-93E9-60E2AC5C46F3"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:cisco:vg450\\/k9:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "E756FCB7-053D-4F37-AC93-5B8BD2E13287"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-l2tp-dos-eB5tuFmV",
-      "source": "ykramarz@cisco.com"
+      "source": "ykramarz@cisco.com",
+      "tags": [
+        "Mitigation",
+        "Vendor Advisory"
+      ]
     }
   ]
 }

CVE-2023/CVE-2023-202xx/CVE-2023-20251.json

@@ -2,16 +2,40 @@
   "id": "CVE-2023-20251",
   "sourceIdentifier": "ykramarz@cisco.com",
   "published": "2023-09-27T18:15:11.493",
-  "lastModified": "2023-09-27T18:31:27.343",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2023-10-06T13:20:01.457",
+  "vulnStatus": "Analyzed",
   "descriptions": [
     {
       "lang": "en",
       "value": "A vulnerability in the memory buffer of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause memory leaks that could eventually lead to a device reboot.\r\n\r This vulnerability is due to memory leaks caused by multiple clients connecting under specific conditions. An attacker could exploit this vulnerability by causing multiple wireless clients to attempt to connect to an access point (AP) on an affected device. A successful exploit could allow the attacker to cause the affected device to reboot after a significant amount of time, resulting in a denial of service (DoS) condition."
+    },
+    {
+      "lang": "es",
+      "value": "Una vulnerabilidad en el b\u00fafer de memoria del software AireOS del Cisco Wireless LAN Controller (WLC) podr\u00eda permitir que un atacante adyacente no autenticado cause p\u00e9rdidas de memoria que eventualmente podr\u00edan provocar el reinicio del dispositivo. Esta vulnerabilidad se debe a p\u00e9rdidas de memoria causadas por la conexi\u00f3n de varios clientes en condiciones espec\u00edficas. Un atacante podr\u00eda aprovechar esta vulnerabilidad haciendo que varios clientes inal\u00e1mbricos intenten conectarse a un punto de acceso (AP) en un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante hacer que el dispositivo afectado se reinicie despu\u00e9s de un per\u00edodo de tiempo significativo, lo que resultar\u00eda en una condici\u00f3n de denegaci\u00f3n de servicio (DoS)."
     }
   ],
   "metrics": {
     "cvssMetricV31": [
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector": "ADJACENT_NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.6,
+        "impactScore": 3.6
+      },
       {
         "source": "ykramarz@cisco.com",
         "type": "Secondary",
@@ -34,10 +58,56 @@
       }
     ]
   },
+  "weaknesses": [
+    {
+      "source": "nvd@nist.gov",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-119"
+        }
+      ]
+    }
+  ],
+  "configurations": [
+    {
+      "operator": "AND",
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:cisco:mobility_express_software:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "14096855-99B4-499B-AC8B-4508302B5761"
+            }
+          ]
+        },
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:o:cisco:aireos:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "8.10.150",
+              "versionEndExcluding": "8.10.190.0",
+              "matchCriteriaId": "FA8BF617-902D-4787-BE52-80109C72D501"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cbw-dos-YSmbUqX3",
-      "source": "ykramarz@cisco.com"
+      "source": "ykramarz@cisco.com",
+      "tags": [
+        "Vendor Advisory"
+      ]
     }
   ]
 }

CVE-2023/CVE-2023-250xx/CVE-2023-25033.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-25033",
+  "sourceIdentifier": "audit@patchstack.com",
+  "published": "2023-10-06T13:15:12.207",
+  "lastModified": "2023-10-06T13:17:35.473",
+  "vulnStatus": "Undergoing Analysis",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Cross-Site Request Forgery (CSRF) vulnerability in Sumo Social Share Boost plugin <=\u00a04.5 versions."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "audit@patchstack.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 5.4,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 2.5
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "audit@patchstack.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-352"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://patchstack.com/database/vulnerability/social-share-boost/wordpress-social-share-boost-plugin-4-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
+      "source": "audit@patchstack.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-254xx/CVE-2023-25480.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-25480",
+  "sourceIdentifier": "audit@patchstack.com",
+  "published": "2023-10-06T13:15:12.300",
+  "lastModified": "2023-10-06T13:17:35.473",
+  "vulnStatus": "Undergoing Analysis",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Cross-Site Request Forgery (CSRF) vulnerability in BoldGrid Post and Page Builder by BoldGrid \u2013 Visual Drag and Drop Editor plugin <=\u00a01.24.1 versions."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "audit@patchstack.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "audit@patchstack.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-352"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://patchstack.com/database/vulnerability/post-and-page-builder/wordpress-post-and-page-builder-by-boldgrid-plugin-1-24-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
+      "source": "audit@patchstack.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-261xx/CVE-2023-26153.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-26153",
   "sourceIdentifier": "report@snyk.io",
   "published": "2023-10-06T05:15:52.803",
-  "lastModified": "2023-10-06T05:15:52.803",
-  "vulnStatus": "Received",
+  "lastModified": "2023-10-06T12:48:29.920",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Versions of the package geokit-rails before 2.5.0 are vulnerable to Command Injection due to unsafe deserialisation of YAML within the 'geo_location' cookie. This issue can be exploited remotely via a malicious cookie value.\r\r**Note:**\r\r An attacker can use this vulnerability to execute commands on the host system."
+    },
+    {
+      "lang": "es",
+      "value": "Las versiones del paquete geokit-rails anteriores a la 2.5.0 son vulnerables a la inyecci\u00f3n de comandos debido a una deserializaci\u00f3n insegura de YAML dentro de la cookie 'geo_location'. Este problema se puede explotar de forma remota mediante un valor de cookie malicioso. **Nota:** Un atacante puede utilizar esta vulnerabilidad para ejecutar comandos en el host system."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-274xx/CVE-2023-27448.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-27448",
+  "sourceIdentifier": "audit@patchstack.com",
+  "published": "2023-10-06T13:15:12.403",
+  "lastModified": "2023-10-06T13:17:35.473",
+  "vulnStatus": "Undergoing Analysis",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Cross-Site Request Forgery (CSRF) vulnerability in MakeStories Team MakeStories (for Google Web Stories) plugin <=\u00a02.8.0 versions."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "audit@patchstack.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 5.4,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 2.5
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "audit@patchstack.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-352"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://patchstack.com/database/vulnerability/makestories-helper/wordpress-makestories-for-google-web-stories-plugin-2-8-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
+      "source": "audit@patchstack.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-276xx/CVE-2023-27615.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-27615",
+  "sourceIdentifier": "audit@patchstack.com",
+  "published": "2023-10-06T13:15:12.487",
+  "lastModified": "2023-10-06T13:17:35.473",
+  "vulnStatus": "Undergoing Analysis",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Cross-Site Request Forgery (CSRF) vulnerability in Dipak C. Gajjar WP Super Minify plugin <=\u00a01.5.1 versions."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "audit@patchstack.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 5.4,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 2.5
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "audit@patchstack.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-352"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://patchstack.com/database/vulnerability/wp-super-minify/wordpress-wp-super-minify-plugin-1-5-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
+      "source": "audit@patchstack.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-30xx/CVE-2023-3024.json

@@ -2,16 +2,40 @@
   "id": "CVE-2023-3024",
   "sourceIdentifier": "product-security@silabs.com",
   "published": "2023-09-29T17:15:47.043",
-  "lastModified": "2023-09-29T17:27:25.983",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2023-10-06T13:22:29.397",
+  "vulnStatus": "Analyzed",
   "descriptions": [
     {
       "lang": "en",
       "value": "Forcing the Bluetooth LE stack to segment 'prepare write response' packets can lead to an out-of-bounds memory access."
+    },
+    {
+      "lang": "es",
+      "value": "Obligar a la pila Bluetooth LE a segmentar paquetes de \"prepare write response\" puede provocar un acceso a la memoria fuera de los l\u00edmites."
     }
   ],
   "metrics": {
     "cvssMetricV31": [
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector": "ADJACENT_NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 6.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.6
+      },
       {
         "source": "product-security@silabs.com",
         "type": "Secondary",
@@ -35,6 +59,16 @@
     ]
   },
   "weaknesses": [
+    {
+      "source": "nvd@nist.gov",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-119"
+        }
+      ]
+    },
     {
       "source": "product-security@silabs.com",
       "type": "Secondary",
@@ -46,14 +80,87 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "operator": "AND",
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:silabs:gecko_software_development_kit:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "1.0.0",
+              "versionEndExcluding": "6.0.0",
+              "matchCriteriaId": "D3DE410C-55EC-4831-B7F1-66B341B1D760"
+            }
+          ]
+        },
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:qualcomm:csrb31024:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "770F3924-BE27-4BDE-B922-680B3C9753EB"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42"
+            },
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://github.com/SiliconLabs/gecko_sdk",
-      "source": "product-security@silabs.com"
+      "source": "product-security@silabs.com",
+      "tags": [
+        "Product"
+      ]
     },
     {
       "url": "https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000ViQvHQAV/?operationContext=S1",
-      "source": "product-security@silabs.com"
+      "source": "product-security@silabs.com",
+      "tags": [
+        "Permissions Required",
+        "Vendor Advisory"
+      ]
     }
   ]
 }

CVE-2023/CVE-2023-364xx/CVE-2023-36465.json

@@ -0,0 +1,63 @@
+{
+  "id": "CVE-2023-36465",
+  "sourceIdentifier": "security-advisories@github.com",
+  "published": "2023-10-06T12:15:11.683",
+  "lastModified": "2023-10-06T12:48:29.920",
+  "vulnStatus": "Awaiting Analysis",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. The `templates` module doesn't enforce the correct permissions, allowing any logged-in user to access to this functionality in the administration panel. An attacker could use this vulnerability to change, create or delete templates of surveys. This issue has been patched in version 0.26.8 and 0.27.4."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security-advisories@github.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "LOW",
+          "baseScore": 9.1,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 5.3
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security-advisories@github.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-284"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/decidim/decidim/releases/tag/v0.26.8",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/decidim/decidim/releases/tag/v0.27.4",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/decidim/decidim/security/advisories/GHSA-639h-86hw-qcjq",
+      "source": "security-advisories@github.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-400xx/CVE-2023-40008.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-40008",
+  "sourceIdentifier": "audit@patchstack.com",
+  "published": "2023-10-06T13:15:12.573",
+  "lastModified": "2023-10-06T13:17:35.473",
+  "vulnStatus": "Undergoing Analysis",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Cross-Site Request Forgery (CSRF) vulnerability in Gangesh Matta Simple Org Chart plugin <=\u00a02.3.4 versions."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "audit@patchstack.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "audit@patchstack.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-352"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://patchstack.com/database/vulnerability/simple-org-chart/wordpress-simple-org-chart-plugin-2-3-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
+      "source": "audit@patchstack.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-405xx/CVE-2023-40556.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-40556",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-06T06:15:11.157",
-  "lastModified": "2023-10-06T06:15:11.157",
-  "vulnStatus": "Received",
+  "lastModified": "2023-10-06T12:48:29.920",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Cross-Site Request Forgery (CSRF) vulnerability in Greg Ross Schedule Posts Calendar plugin <=\u00a05.2 versions."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Greg Ross Schedule Posts Calendar en versiones &lt;= 5.2."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-406xx/CVE-2023-40671.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-40671",
+  "sourceIdentifier": "audit@patchstack.com",
+  "published": "2023-10-06T13:15:12.660",
+  "lastModified": "2023-10-06T13:17:35.473",
+  "vulnStatus": "Undergoing Analysis",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Cross-Site Request Forgery (CSRF) vulnerability in ??wp DX-auto-save-images plugin <=\u00a01.4.0 versions."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "audit@patchstack.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "audit@patchstack.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-352"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://patchstack.com/database/vulnerability/dx-auto-save-images/wordpress-dx-auto-save-images-plugin-1-4-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
+      "source": "audit@patchstack.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-447xx/CVE-2023-44758.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-44758",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2023-10-06T11:15:11.260",
-  "lastModified": "2023-10-06T11:15:11.260",
-  "vulnStatus": "Received",
+  "lastModified": "2023-10-06T12:48:29.920",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-447xx/CVE-2023-44761.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-44761",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-10-06T13:15:12.747",
+  "lastModified": "2023-10-06T13:17:35.473",
+  "vulnStatus": "Undergoing Analysis",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS v.9.2.1 allow a local attacker to execute arbitrary code via a crafted script to the Forms of the Data objects."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/sromanhu/ConcreteCMS-Stored-XSS---Forms",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-447xx/CVE-2023-44762.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-44762",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-10-06T13:15:12.807",
+  "lastModified": "2023-10-06T13:17:35.473",
+  "vulnStatus": "Undergoing Analysis",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the Tags from Settings - Tags."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/sromanhu/ConcreteCMS-Reflected-XSS---Tags",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-447xx/CVE-2023-44764.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-44764",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-10-06T13:15:12.863",
+  "lastModified": "2023-10-06T13:17:35.473",
+  "vulnStatus": "Undergoing Analysis",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the SITE parameter from installation or in the Settings."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/sromanhu/ConcreteCMS-Stored-XSS---Site_Installation",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-447xx/CVE-2023-44765.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-44765",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-10-06T13:15:12.923",
+  "lastModified": "2023-10-06T13:17:35.473",
+  "vulnStatus": "Undergoing Analysis",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to Plural Handle of the Data Objects from System & Settings."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/sromanhu/ConcreteCMS-Stored-XSS---Associations",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-447xx/CVE-2023-44766.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-44766",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-10-06T13:15:12.977",
+  "lastModified": "2023-10-06T13:17:35.473",
+  "vulnStatus": "Undergoing Analysis",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the SEO - Extra from Page Settings."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/sromanhu/ConcreteCMS-Stored-XSS---SEO",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-447xx/CVE-2023-44770.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-44770",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-10-06T13:15:13.033",
+  "lastModified": "2023-10-06T13:17:35.473",
+  "vulnStatus": "Undergoing Analysis",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows an attacker to execute arbitrary code via a crafted script to the Organizer - Spare alias."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/sromanhu/ZenarioCMS--Reflected-XSS---Organizer-Alias/blob/main/README.md",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-447xx/CVE-2023-44771.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-44771",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-10-06T13:15:13.087",
+  "lastModified": "2023-10-06T13:17:35.473",
+  "vulnStatus": "Undergoing Analysis",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows a local attacker to execute arbitrary code via a crafted script to the Page Layout."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/sromanhu/ZenarioCMS--Stored-XSS---Page-Layout",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-44xx/CVE-2023-4469.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-4469",
   "sourceIdentifier": "security@wordfence.com",
   "published": "2023-10-06T10:15:18.527",
-  "lastModified": "2023-10-06T10:15:18.527",
-  "vulnStatus": "Received",
+  "lastModified": "2023-10-06T12:48:29.920",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-452xx/CVE-2023-45244.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-45244",
   "sourceIdentifier": "security@acronis.com",
   "published": "2023-10-06T10:15:18.047",
-  "lastModified": "2023-10-06T11:15:11.337",
-  "vulnStatus": "Received",
+  "lastModified": "2023-10-06T12:48:29.920",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-452xx/CVE-2023-45245.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-45245",
   "sourceIdentifier": "security@acronis.com",
   "published": "2023-10-06T10:15:18.450",
-  "lastModified": "2023-10-06T10:15:18.450",
-  "vulnStatus": "Received",
+  "lastModified": "2023-10-06T12:48:29.920",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-452xx/CVE-2023-45246.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-45246",
   "sourceIdentifier": "security@acronis.com",
   "published": "2023-10-06T11:15:11.447",
-  "lastModified": "2023-10-06T11:15:11.447",
-  "vulnStatus": "Received",
+  "lastModified": "2023-10-06T12:48:29.920",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-45xx/CVE-2023-4530.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-4530",
   "sourceIdentifier": "cve@usom.gov.tr",
   "published": "2023-10-06T10:15:18.630",
-  "lastModified": "2023-10-06T10:15:18.630",
-  "vulnStatus": "Received",
+  "lastModified": "2023-10-06T12:48:29.920",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-52xx/CVE-2023-5287.json

@@ -2,15 +2,41 @@
   "id": "CVE-2023-5287",
   "sourceIdentifier": "cna@vuldb.com",
   "published": "2023-09-29T21:15:10.097",
-  "lastModified": "2023-09-30T01:57:32.760",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2023-10-06T13:24:11.647",
+  "vulnStatus": "Analyzed",
   "descriptions": [
     {
       "lang": "en",
       "value": "** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, was found in BEECMS 4.0. This affects an unknown part of the file /admin/admin_content_tag.php?action=save_content. The manipulation of the argument tag leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240915. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."
+    },
+    {
+      "lang": "es",
+      "value": "** NO SOPORTADO CUANDO EST\u00c1 ASIGNADO ** ** NO SOPORTADO CUANDO EST\u00c1 ASIGNADO ** Se encontr\u00f3 una vulnerabilidad clasificada como problem\u00e1tica en BEECMS 4.0. Esto afecta a una parte desconocida del archivo /admin/admin_content_tag.php?action=save_content. La manipulaci\u00f3n de la etiqueta de argumento conduce a cross site scripting. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-240915. NOTA: Esta vulnerabilidad solo afecta a productos que ya no son compatibles con el mantenedor."
     }
   ],
   "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.8,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.7,
+        "impactScore": 2.7
+      }
+    ],
     "cvssMetricV30": [
       {
         "source": "cna@vuldb.com",
@@ -71,18 +97,48 @@
       ]
     }
   ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:beecms:beecms:4.0:*:*:*:*:*:*:*",
+              "matchCriteriaId": "A4B13A33-C004-4AD8-A910-BA4A47604F90"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://github.com/zhenjiaqi/CVE/issues/1",
-      "source": "cna@vuldb.com"
+      "source": "cna@vuldb.com",
+      "tags": [
+        "Exploit",
+        "Issue Tracking"
+      ]
     },
     {
       "url": "https://vuldb.com/?ctiid.240915",
-      "source": "cna@vuldb.com"
+      "source": "cna@vuldb.com",
+      "tags": [
+        "Permissions Required",
+        "Third Party Advisory",
+        "VDB Entry"
+      ]
     },
     {
       "url": "https://vuldb.com/?id.240915",
-      "source": "cna@vuldb.com"
+      "source": "cna@vuldb.com",
+      "tags": [
+        "Third Party Advisory",
+        "VDB Entry"
+      ]
     }
   ]
 }

CVE-2023/CVE-2023-53xx/CVE-2023-5312.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-5312",
   "sourceIdentifier": "cna@vuldb.com",
   "published": "2023-10-06T06:15:13.257",
-  "lastModified": "2023-10-06T06:15:13.257",
-  "vulnStatus": "Received",
+  "lastModified": "2023-10-06T12:48:29.920",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "A vulnerability classified as critical has been found in DedeCMS 5.7.111. Affected is an unknown function of the file baidunews.php. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240948."
+    },
+    {
+      "lang": "es",
+      "value": "Una vulnerabilidad ha sido encontrada en DedeCMS 5.7.111 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo baidunews.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n conduce a una carga sin restricciones. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-240948."
     }
   ],
   "metrics": {

README.md

@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2023-10-06T12:00:24.699851+00:00
+2023-10-06T14:00:25.028075+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2023-10-06T11:15:11.447000+00:00
+2023-10-06T13:24:11.647000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,25 +29,52 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-227094
+227109
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `6`
+Recently added CVEs: `15`
 
-* [CVE-2023-45245](CVE-2023/CVE-2023-452xx/CVE-2023-45245.json) (`2023-10-06T10:15:18.450`)
-* [CVE-2023-4469](CVE-2023/CVE-2023-44xx/CVE-2023-4469.json) (`2023-10-06T10:15:18.527`)
-* [CVE-2023-4530](CVE-2023/CVE-2023-45xx/CVE-2023-4530.json) (`2023-10-06T10:15:18.630`)
-* [CVE-2023-44758](CVE-2023/CVE-2023-447xx/CVE-2023-44758.json) (`2023-10-06T11:15:11.260`)
-* [CVE-2023-45244](CVE-2023/CVE-2023-452xx/CVE-2023-45244.json) (`2023-10-06T10:15:18.047`)
-* [CVE-2023-45246](CVE-2023/CVE-2023-452xx/CVE-2023-45246.json) (`2023-10-06T11:15:11.447`)
+* [CVE-2022-47175](CVE-2022/CVE-2022-471xx/CVE-2022-47175.json) (`2023-10-06T13:15:12.097`)
+* [CVE-2023-36465](CVE-2023/CVE-2023-364xx/CVE-2023-36465.json) (`2023-10-06T12:15:11.683`)
+* [CVE-2023-25033](CVE-2023/CVE-2023-250xx/CVE-2023-25033.json) (`2023-10-06T13:15:12.207`)
+* [CVE-2023-25480](CVE-2023/CVE-2023-254xx/CVE-2023-25480.json) (`2023-10-06T13:15:12.300`)
+* [CVE-2023-27448](CVE-2023/CVE-2023-274xx/CVE-2023-27448.json) (`2023-10-06T13:15:12.403`)
+* [CVE-2023-27615](CVE-2023/CVE-2023-276xx/CVE-2023-27615.json) (`2023-10-06T13:15:12.487`)
+* [CVE-2023-40008](CVE-2023/CVE-2023-400xx/CVE-2023-40008.json) (`2023-10-06T13:15:12.573`)
+* [CVE-2023-40671](CVE-2023/CVE-2023-406xx/CVE-2023-40671.json) (`2023-10-06T13:15:12.660`)
+* [CVE-2023-44761](CVE-2023/CVE-2023-447xx/CVE-2023-44761.json) (`2023-10-06T13:15:12.747`)
+* [CVE-2023-44762](CVE-2023/CVE-2023-447xx/CVE-2023-44762.json) (`2023-10-06T13:15:12.807`)
+* [CVE-2023-44764](CVE-2023/CVE-2023-447xx/CVE-2023-44764.json) (`2023-10-06T13:15:12.863`)
+* [CVE-2023-44765](CVE-2023/CVE-2023-447xx/CVE-2023-44765.json) (`2023-10-06T13:15:12.923`)
+* [CVE-2023-44766](CVE-2023/CVE-2023-447xx/CVE-2023-44766.json) (`2023-10-06T13:15:12.977`)
+* [CVE-2023-44770](CVE-2023/CVE-2023-447xx/CVE-2023-44770.json) (`2023-10-06T13:15:13.033`)
+* [CVE-2023-44771](CVE-2023/CVE-2023-447xx/CVE-2023-44771.json) (`2023-10-06T13:15:13.087`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `0`
+Recently modified CVEs: `18`
 
+* [CVE-2015-10125](CVE-2015/CVE-2015-101xx/CVE-2015-10125.json) (`2023-10-06T12:48:29.920`)
+* [CVE-2015-10126](CVE-2015/CVE-2015-101xx/CVE-2015-10126.json) (`2023-10-06T12:48:29.920`)
+* [CVE-2023-26153](CVE-2023/CVE-2023-261xx/CVE-2023-26153.json) (`2023-10-06T12:48:29.920`)
+* [CVE-2023-40556](CVE-2023/CVE-2023-405xx/CVE-2023-40556.json) (`2023-10-06T12:48:29.920`)
+* [CVE-2023-5312](CVE-2023/CVE-2023-53xx/CVE-2023-5312.json) (`2023-10-06T12:48:29.920`)
+* [CVE-2023-45244](CVE-2023/CVE-2023-452xx/CVE-2023-45244.json) (`2023-10-06T12:48:29.920`)
+* [CVE-2023-45245](CVE-2023/CVE-2023-452xx/CVE-2023-45245.json) (`2023-10-06T12:48:29.920`)
+* [CVE-2023-4469](CVE-2023/CVE-2023-44xx/CVE-2023-4469.json) (`2023-10-06T12:48:29.920`)
+* [CVE-2023-4530](CVE-2023/CVE-2023-45xx/CVE-2023-4530.json) (`2023-10-06T12:48:29.920`)
+* [CVE-2023-44758](CVE-2023/CVE-2023-447xx/CVE-2023-44758.json) (`2023-10-06T12:48:29.920`)
+* [CVE-2023-45246](CVE-2023/CVE-2023-452xx/CVE-2023-45246.json) (`2023-10-06T12:48:29.920`)
+* [CVE-2023-20202](CVE-2023/CVE-2023-202xx/CVE-2023-20202.json) (`2023-10-06T13:14:27.787`)
+* [CVE-2023-20226](CVE-2023/CVE-2023-202xx/CVE-2023-20226.json) (`2023-10-06T13:16:14.340`)
+* [CVE-2023-20227](CVE-2023/CVE-2023-202xx/CVE-2023-20227.json) (`2023-10-06T13:16:55.960`)
+* [CVE-2023-20231](CVE-2023/CVE-2023-202xx/CVE-2023-20231.json) (`2023-10-06T13:19:01.690`)
+* [CVE-2023-20251](CVE-2023/CVE-2023-202xx/CVE-2023-20251.json) (`2023-10-06T13:20:01.457`)
+* [CVE-2023-3024](CVE-2023/CVE-2023-30xx/CVE-2023-3024.json) (`2023-10-06T13:22:29.397`)
+* [CVE-2023-5287](CVE-2023/CVE-2023-52xx/CVE-2023-5287.json) (`2023-10-06T13:24:11.647`)
 
 
 ## Download and Usage