admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-336xx/CVE-2023-33651.json
cad-safe-bot 525d096ba8 Auto-Update: 2025-01-08T19:00:22.213675+00:00
2025-01-08 19:03:45 +00:00

150 lines
4.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-33651",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-06T19:15:12.103",
"lastModified": "2025-01-08T17:15:12.777",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in the MVC Device Simulator of Sitecore Experience Platform (XP), Experience Manager (XM), and Experience Commerce (XC) v9.0 Initial Release to v13.0 Initial Release allows attackers to bypass authorization rules."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sitecore:experience_commerce:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.0",
"versionEndIncluding": "10.3",
"matchCriteriaId": "5347D215-14FC-47E1-9B79-788DF656158B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.0",
"versionEndIncluding": "10.3",
"matchCriteriaId": "E6292DA1-E0C4-4253-9E47-4AB795C1A15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.0",
"versionEndIncluding": "10.3",
"matchCriteriaId": "FED0DB4B-0E65-4419-ACDE-4BE8D4C5AA9A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sitecore:managed_cloud:-:*:*:*:*:*:*:*",
"matchCriteriaId": "520CF670-01A2-479F-B637-C413A82463E0"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.assetnote.io/2023/05/10/sitecore-round-two/",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1002925",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://blog.assetnote.io/2023/05/10/sitecore-round-two/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1002925",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink