Auto-Update: 2023-12-02T07:00:17.956143+00:00

2025-05-08 19:47:09 +00:00 · 2023-12-02 07:00:21 +00:00 · 2023-12-02 07:00:21 +00:00 · fa47224e4a
commit fa47224e4a
parent 62ea1d9855
3 changed files with 117 additions and 30 deletions
--- a/CVE-2023/CVE-2023-392xx/CVE-2023-39256.json
+++ b/CVE-2023/CVE-2023-392xx/CVE-2023-39256.json
@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-39256",
+  "sourceIdentifier": "security_alert@emc.com",
+  "published": "2023-12-02T05:15:07.793",
+  "lastModified": "2023-12-02T05:15:07.793",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "\nDell Rugged Control Center, version prior to 4.7, contains an improper access control vulnerability. A local malicious standard user could potentially exploit this vulnerability to modify the content in an unsecured folder during product installation and upgrade, leading to privilege escalation on the system.\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security_alert@emc.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.3,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 1.3,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security_alert@emc.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-284"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.dell.com/support/kbdoc/en-us/000217705/dsa-2023-340",
+      "source": "security_alert@emc.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-392xx/CVE-2023-39257.json
+++ b/CVE-2023/CVE-2023-392xx/CVE-2023-39257.json
@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-39257",
+  "sourceIdentifier": "security_alert@emc.com",
+  "published": "2023-12-02T05:15:08.080",
+  "lastModified": "2023-12-02T05:15:08.080",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "\nDell Rugged Control Center, version prior to 4.7, contains an Improper Access Control vulnerability. A local malicious standard user could potentially exploit this vulnerability to modify the content in an unsecured folder when product installation repair is performed, leading to privilege escalation on the system.\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security_alert@emc.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.3,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 1.3,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security_alert@emc.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-284"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.dell.com/support/kbdoc/en-us/000217705/dsa-2023-340",
+      "source": "security_alert@emc.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-12-02T05:00:18.316198+00:00
+2023-12-02T07:00:17.956143+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-12-02T04:40:02.733000+00:00
+2023-12-02T05:15:08.080000+00:00
 ```

 ### Last Data Feed Release
@ -29,44 +29,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-231979
+231981
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `0`
+Recently added CVEs: `2`

+* [CVE-2023-39256](CVE-2023/CVE-2023-392xx/CVE-2023-39256.json) (`2023-12-02T05:15:07.793`)
+* [CVE-2023-39257](CVE-2023/CVE-2023-392xx/CVE-2023-39257.json) (`2023-12-02T05:15:08.080`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `37`
+Recently modified CVEs: `0`

-* [CVE-2023-6433](CVE-2023/CVE-2023-64xx/CVE-2023-6433.json) (`2023-12-02T04:37:58.317`)
-* [CVE-2023-6432](CVE-2023/CVE-2023-64xx/CVE-2023-6432.json) (`2023-12-02T04:38:05.627`)
-* [CVE-2023-6431](CVE-2023/CVE-2023-64xx/CVE-2023-6431.json) (`2023-12-02T04:38:07.830`)
-* [CVE-2023-6430](CVE-2023/CVE-2023-64xx/CVE-2023-6430.json) (`2023-12-02T04:38:09.997`)
-* [CVE-2023-6429](CVE-2023/CVE-2023-64xx/CVE-2023-6429.json) (`2023-12-02T04:38:26.040`)
-* [CVE-2023-6428](CVE-2023/CVE-2023-64xx/CVE-2023-6428.json) (`2023-12-02T04:38:27.697`)
-* [CVE-2023-6427](CVE-2023/CVE-2023-64xx/CVE-2023-6427.json) (`2023-12-02T04:38:35.270`)
-* [CVE-2023-6426](CVE-2023/CVE-2023-64xx/CVE-2023-6426.json) (`2023-12-02T04:38:36.853`)
-* [CVE-2023-6425](CVE-2023/CVE-2023-64xx/CVE-2023-6425.json) (`2023-12-02T04:38:38.457`)
-* [CVE-2023-6424](CVE-2023/CVE-2023-64xx/CVE-2023-6424.json) (`2023-12-02T04:38:39.837`)
-* [CVE-2023-6423](CVE-2023/CVE-2023-64xx/CVE-2023-6423.json) (`2023-12-02T04:38:41.237`)
-* [CVE-2023-6422](CVE-2023/CVE-2023-64xx/CVE-2023-6422.json) (`2023-12-02T04:38:43.790`)
-* [CVE-2023-6419](CVE-2023/CVE-2023-64xx/CVE-2023-6419.json) (`2023-12-02T04:38:49.127`)
-* [CVE-2023-6420](CVE-2023/CVE-2023-64xx/CVE-2023-6420.json) (`2023-12-02T04:38:55.633`)
-* [CVE-2023-6418](CVE-2023/CVE-2023-64xx/CVE-2023-6418.json) (`2023-12-02T04:38:57.207`)
-* [CVE-2023-6417](CVE-2023/CVE-2023-64xx/CVE-2023-6417.json) (`2023-12-02T04:39:08.177`)
-* [CVE-2023-6416](CVE-2023/CVE-2023-64xx/CVE-2023-6416.json) (`2023-12-02T04:39:11.893`)
-* [CVE-2023-6415](CVE-2023/CVE-2023-64xx/CVE-2023-6415.json) (`2023-12-02T04:39:14.333`)
-* [CVE-2023-6414](CVE-2023/CVE-2023-64xx/CVE-2023-6414.json) (`2023-12-02T04:39:15.630`)
-* [CVE-2023-6413](CVE-2023/CVE-2023-64xx/CVE-2023-6413.json) (`2023-12-02T04:39:21.477`)
-* [CVE-2023-6412](CVE-2023/CVE-2023-64xx/CVE-2023-6412.json) (`2023-12-02T04:39:24.357`)
-* [CVE-2023-6411](CVE-2023/CVE-2023-64xx/CVE-2023-6411.json) (`2023-12-02T04:39:26.877`)
-* [CVE-2023-6410](CVE-2023/CVE-2023-64xx/CVE-2023-6410.json) (`2023-12-02T04:39:29.697`)
-* [CVE-2023-30585](CVE-2023/CVE-2023-305xx/CVE-2023-30585.json) (`2023-12-02T04:39:59.250`)
-* [CVE-2023-24023](CVE-2023/CVE-2023-240xx/CVE-2023-24023.json) (`2023-12-02T04:40:02.733`)


 ## Download and Usage