From fa47224e4a61075604db13d584a7017719d64903 Mon Sep 17 00:00:00 2001
From: cad-safe-bot <cad-safe-bot@protonmail.com>
Date: Sat, 2 Dec 2023 07:00:21 +0000
Subject: [PATCH] Auto-Update: 2023-12-02T07:00:17.956143+00:00

---
 CVE-2023/CVE-2023-392xx/CVE-2023-39256.json | 55 +++++++++++++++++++++
 CVE-2023/CVE-2023-392xx/CVE-2023-39257.json | 55 +++++++++++++++++++++
 README.md                                   | 37 +++-----------
 3 files changed, 117 insertions(+), 30 deletions(-)
 create mode 100644 CVE-2023/CVE-2023-392xx/CVE-2023-39256.json
 create mode 100644 CVE-2023/CVE-2023-392xx/CVE-2023-39257.json

diff --git a/CVE-2023/CVE-2023-392xx/CVE-2023-39256.json b/CVE-2023/CVE-2023-392xx/CVE-2023-39256.json
new file mode 100644
index 00000000000..e8ac4178839
--- /dev/null
+++ b/CVE-2023/CVE-2023-392xx/CVE-2023-39256.json
@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-39256",
+  "sourceIdentifier": "security_alert@emc.com",
+  "published": "2023-12-02T05:15:07.793",
+  "lastModified": "2023-12-02T05:15:07.793",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "\nDell Rugged Control Center, version prior to 4.7, contains an improper access control vulnerability. A local malicious standard user could potentially exploit this vulnerability to modify the content in an unsecured folder during product installation and upgrade, leading to privilege escalation on the system.\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security_alert@emc.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.3,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 1.3,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security_alert@emc.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-284"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.dell.com/support/kbdoc/en-us/000217705/dsa-2023-340",
+      "source": "security_alert@emc.com"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-392xx/CVE-2023-39257.json b/CVE-2023/CVE-2023-392xx/CVE-2023-39257.json
new file mode 100644
index 00000000000..5367e6aae4e
--- /dev/null
+++ b/CVE-2023/CVE-2023-392xx/CVE-2023-39257.json
@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-39257",
+  "sourceIdentifier": "security_alert@emc.com",
+  "published": "2023-12-02T05:15:08.080",
+  "lastModified": "2023-12-02T05:15:08.080",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "\nDell Rugged Control Center, version prior to 4.7, contains an Improper Access Control vulnerability. A local malicious standard user could potentially exploit this vulnerability to modify the content in an unsecured folder when product installation repair is performed, leading to privilege escalation on the system.\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security_alert@emc.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.3,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 1.3,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security_alert@emc.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-284"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.dell.com/support/kbdoc/en-us/000217705/dsa-2023-340",
+      "source": "security_alert@emc.com"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/README.md b/README.md
index c00523048f6..73d4190c383 100644
--- a/README.md
+++ b/README.md
@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2023-12-02T05:00:18.316198+00:00
+2023-12-02T07:00:17.956143+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2023-12-02T04:40:02.733000+00:00
+2023-12-02T05:15:08.080000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,44 +29,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-231979
+231981
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `0`
+Recently added CVEs: `2`
 
+* [CVE-2023-39256](CVE-2023/CVE-2023-392xx/CVE-2023-39256.json) (`2023-12-02T05:15:07.793`)
+* [CVE-2023-39257](CVE-2023/CVE-2023-392xx/CVE-2023-39257.json) (`2023-12-02T05:15:08.080`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `37`
+Recently modified CVEs: `0`
 
-* [CVE-2023-6433](CVE-2023/CVE-2023-64xx/CVE-2023-6433.json) (`2023-12-02T04:37:58.317`)
-* [CVE-2023-6432](CVE-2023/CVE-2023-64xx/CVE-2023-6432.json) (`2023-12-02T04:38:05.627`)
-* [CVE-2023-6431](CVE-2023/CVE-2023-64xx/CVE-2023-6431.json) (`2023-12-02T04:38:07.830`)
-* [CVE-2023-6430](CVE-2023/CVE-2023-64xx/CVE-2023-6430.json) (`2023-12-02T04:38:09.997`)
-* [CVE-2023-6429](CVE-2023/CVE-2023-64xx/CVE-2023-6429.json) (`2023-12-02T04:38:26.040`)
-* [CVE-2023-6428](CVE-2023/CVE-2023-64xx/CVE-2023-6428.json) (`2023-12-02T04:38:27.697`)
-* [CVE-2023-6427](CVE-2023/CVE-2023-64xx/CVE-2023-6427.json) (`2023-12-02T04:38:35.270`)
-* [CVE-2023-6426](CVE-2023/CVE-2023-64xx/CVE-2023-6426.json) (`2023-12-02T04:38:36.853`)
-* [CVE-2023-6425](CVE-2023/CVE-2023-64xx/CVE-2023-6425.json) (`2023-12-02T04:38:38.457`)
-* [CVE-2023-6424](CVE-2023/CVE-2023-64xx/CVE-2023-6424.json) (`2023-12-02T04:38:39.837`)
-* [CVE-2023-6423](CVE-2023/CVE-2023-64xx/CVE-2023-6423.json) (`2023-12-02T04:38:41.237`)
-* [CVE-2023-6422](CVE-2023/CVE-2023-64xx/CVE-2023-6422.json) (`2023-12-02T04:38:43.790`)
-* [CVE-2023-6419](CVE-2023/CVE-2023-64xx/CVE-2023-6419.json) (`2023-12-02T04:38:49.127`)
-* [CVE-2023-6420](CVE-2023/CVE-2023-64xx/CVE-2023-6420.json) (`2023-12-02T04:38:55.633`)
-* [CVE-2023-6418](CVE-2023/CVE-2023-64xx/CVE-2023-6418.json) (`2023-12-02T04:38:57.207`)
-* [CVE-2023-6417](CVE-2023/CVE-2023-64xx/CVE-2023-6417.json) (`2023-12-02T04:39:08.177`)
-* [CVE-2023-6416](CVE-2023/CVE-2023-64xx/CVE-2023-6416.json) (`2023-12-02T04:39:11.893`)
-* [CVE-2023-6415](CVE-2023/CVE-2023-64xx/CVE-2023-6415.json) (`2023-12-02T04:39:14.333`)
-* [CVE-2023-6414](CVE-2023/CVE-2023-64xx/CVE-2023-6414.json) (`2023-12-02T04:39:15.630`)
-* [CVE-2023-6413](CVE-2023/CVE-2023-64xx/CVE-2023-6413.json) (`2023-12-02T04:39:21.477`)
-* [CVE-2023-6412](CVE-2023/CVE-2023-64xx/CVE-2023-6412.json) (`2023-12-02T04:39:24.357`)
-* [CVE-2023-6411](CVE-2023/CVE-2023-64xx/CVE-2023-6411.json) (`2023-12-02T04:39:26.877`)
-* [CVE-2023-6410](CVE-2023/CVE-2023-64xx/CVE-2023-6410.json) (`2023-12-02T04:39:29.697`)
-* [CVE-2023-30585](CVE-2023/CVE-2023-305xx/CVE-2023-30585.json) (`2023-12-02T04:39:59.250`)
-* [CVE-2023-24023](CVE-2023/CVE-2023-240xx/CVE-2023-24023.json) (`2023-12-02T04:40:02.733`)
 
 
 ## Download and Usage