admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-314xx/CVE-2023-31493.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

64 lines
2.0 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-31493",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-15T15:15:12.393",
"lastModified": "2024-10-16T19:35:04.040",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "RCE (Remote Code Execution) exists in ZoneMinder through 1.36.33 as an attacker can create a new .php log file in language folder, while executing a crafted payload and escalate privileges allowing execution of any commands on the remote system."
},
{
"lang": "es",
"value": "RCE (Remote Code Execution) existe en ZoneMinder hasta la versi\u00f3n 1.36.33, ya que un atacante puede crear un nuevo archivo de registro .php en la carpeta de idioma, mientras ejecuta un payload manipulado y escalar privilegios que permitan la ejecuci\u00f3n de cualquier comando en el sistema remoto."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "http://zoneminder.com",
"source": "cve@mitre.org"
},
{
"url": "https://medium.com/%40dk50u1/rce-remote-code-execution-in-zoneminder-up-to-1-36-33-0686f5bcd370",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink