From f3998e3bda8802970c95611e3b2420e0e3c26b57 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Fri, 28 Jul 2023 23:55:28 +0000 Subject: [PATCH] Auto-Update: 2023-07-28T23:55:25.069053+00:00 --- CVE-2023/CVE-2023-35xx/CVE-2023-3527.json | 58 ++++++++++++++++++- CVE-2023/CVE-2023-378xx/CVE-2023-37897.json | 63 +++++++++++++++++++-- README.md | 32 ++--------- 3 files changed, 119 insertions(+), 34 deletions(-) diff --git a/CVE-2023/CVE-2023-35xx/CVE-2023-3527.json b/CVE-2023/CVE-2023-35xx/CVE-2023-3527.json index c7a3570046f..cf72e93ba56 100644 --- a/CVE-2023/CVE-2023-35xx/CVE-2023-3527.json +++ b/CVE-2023/CVE-2023-35xx/CVE-2023-3527.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3527", "sourceIdentifier": "securityalerts@avaya.com", "published": "2023-07-18T22:15:09.847", - "lastModified": "2023-07-18T22:17:55.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-28T22:17:17.167", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 5.9 + }, { "source": "securityalerts@avaya.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-1236" + } + ] + }, { "source": "securityalerts@avaya.com", "type": "Secondary", @@ -46,10 +76,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:avaya:call_management_system:*:*:*:*:*:*:*:*", + "versionEndExcluding": "20.0.0.0", + "matchCriteriaId": "BAE861FF-4924-4305-B080-0CD4C88413EE" + } + ] + } + ] + } + ], "references": [ { "url": "https://download.avaya.com/css/public/documents/101086364", - "source": "securityalerts@avaya.com" + "source": "securityalerts@avaya.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-378xx/CVE-2023-37897.json b/CVE-2023/CVE-2023-378xx/CVE-2023-37897.json index dbfbccc6872..9632891b86f 100644 --- a/CVE-2023/CVE-2023-378xx/CVE-2023-37897.json +++ b/CVE-2023/CVE-2023-378xx/CVE-2023-37897.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37897", "sourceIdentifier": "security-advisories@github.com", "published": "2023-07-18T21:15:15.663", - "lastModified": "2023-07-18T22:17:55.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-28T22:24:41.520", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -50,18 +70,51 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:getgrav:grav:1.7.42:*:*:*:*:*:*:*", + "matchCriteriaId": "45FAF600-2018-4CD3-BDBD-FDB3AB736A64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:getgrav:grav:1.7.42.1:*:*:*:*:*:*:*", + "matchCriteriaId": "9F345F3C-7190-42C9-B8BF-5E822F6054BE" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/getgrav/grav/commit/71bbed12f950de8335006d7f91112263d8504f1b", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Product" + ] }, { "url": "https://github.com/getgrav/grav/commit/b4c62101a43051fc7f5349c7d0a5b6085375c1d7", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/getgrav/grav/security/advisories/GHSA-9436-3gmp-4f53", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Mitigation", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 16fc556454c..d8a03ec3788 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-07-28T22:00:25.228956+00:00 +2023-07-28T23:55:25.069053+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-07-28T21:58:15.107000+00:00 +2023-07-28T22:24:41.520000+00:00 ``` ### Last Data Feed Release @@ -34,36 +34,16 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `0` -* [CVE-2023-38988](CVE-2023/CVE-2023-389xx/CVE-2023-38988.json) (`2023-07-28T21:15:14.213`) -* [CVE-2023-3598](CVE-2023/CVE-2023-35xx/CVE-2023-3598.json) (`2023-07-28T21:15:14.287`) ### CVEs modified in the last Commit -Recently modified CVEs: `20` +Recently modified CVEs: `2` -* [CVE-2023-32364](CVE-2023/CVE-2023-323xx/CVE-2023-32364.json) (`2023-07-28T21:15:09.927`) -* [CVE-2023-32429](CVE-2023/CVE-2023-324xx/CVE-2023-32429.json) (`2023-07-28T21:15:11.213`) -* [CVE-2023-32444](CVE-2023/CVE-2023-324xx/CVE-2023-32444.json) (`2023-07-28T21:15:11.497`) -* [CVE-2023-32654](CVE-2023/CVE-2023-326xx/CVE-2023-32654.json) (`2023-07-28T21:15:11.807`) -* [CVE-2023-34241](CVE-2023/CVE-2023-342xx/CVE-2023-34241.json) (`2023-07-28T21:15:12.083`) -* [CVE-2023-34425](CVE-2023/CVE-2023-344xx/CVE-2023-34425.json) (`2023-07-28T21:15:13.047`) -* [CVE-2023-36495](CVE-2023/CVE-2023-364xx/CVE-2023-36495.json) (`2023-07-28T21:15:13.387`) -* [CVE-2023-37285](CVE-2023/CVE-2023-372xx/CVE-2023-37285.json) (`2023-07-28T21:15:13.553`) -* [CVE-2023-38565](CVE-2023/CVE-2023-385xx/CVE-2023-38565.json) (`2023-07-28T21:15:13.620`) -* [CVE-2023-38571](CVE-2023/CVE-2023-385xx/CVE-2023-38571.json) (`2023-07-28T21:15:13.683`) -* [CVE-2023-38590](CVE-2023/CVE-2023-385xx/CVE-2023-38590.json) (`2023-07-28T21:15:13.750`) -* [CVE-2023-38593](CVE-2023/CVE-2023-385xx/CVE-2023-38593.json) (`2023-07-28T21:15:13.820`) -* [CVE-2023-38598](CVE-2023/CVE-2023-385xx/CVE-2023-38598.json) (`2023-07-28T21:15:13.883`) -* [CVE-2023-38601](CVE-2023/CVE-2023-386xx/CVE-2023-38601.json) (`2023-07-28T21:15:13.957`) -* [CVE-2023-38603](CVE-2023/CVE-2023-386xx/CVE-2023-38603.json) (`2023-07-28T21:15:14.020`) -* [CVE-2023-38604](CVE-2023/CVE-2023-386xx/CVE-2023-38604.json) (`2023-07-28T21:15:14.087`) -* [CVE-2023-38609](CVE-2023/CVE-2023-386xx/CVE-2023-38609.json) (`2023-07-28T21:15:14.157`) -* [CVE-2023-3841](CVE-2023/CVE-2023-38xx/CVE-2023-3841.json) (`2023-07-28T21:46:34.193`) -* [CVE-2023-36339](CVE-2023/CVE-2023-363xx/CVE-2023-36339.json) (`2023-07-28T21:57:14.937`) -* [CVE-2023-3791](CVE-2023/CVE-2023-37xx/CVE-2023-3791.json) (`2023-07-28T21:58:15.107`) +* [CVE-2023-3527](CVE-2023/CVE-2023-35xx/CVE-2023-3527.json) (`2023-07-28T22:17:17.167`) +* [CVE-2023-37897](CVE-2023/CVE-2023-378xx/CVE-2023-37897.json) (`2023-07-28T22:24:41.520`) ## Download and Usage