admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-09-17 18:45:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-331xx/CVE-2023-33184.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

157 lines
4.4 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-33184",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-27T05:15:09.980",
"lastModified": "2024-11-21T08:05:04.390",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Nextcloud Mail is a mail app in Nextcloud. A blind SSRF attack allowed to send GET requests to services running in the same web server. It is recommended that the Mail app is update to version 3.02, 2.2.5 or 1.15.3.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"baseScore": 3.5,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:mail:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.13.0",
"versionEndExcluding": "1.15.3",
"matchCriteriaId": "10ED288F-DD07-4B60-AE0F-786BF82F4ADB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:mail:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.2.0",
"versionEndExcluding": "2.2.5",
"matchCriteriaId": "A87F4309-C10F-41AC-B5BB-0DC0585AB5E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:mail:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.3.0",
"versionEndExcluding": "3.0.2",
"matchCriteriaId": "C30FC59F-1EEF-452F-B2E0-3E2B22F2CB02"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/nextcloud/mail/pull/8275",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8gph-9895-w564",
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://hackerone.com/reports/1913095",
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://github.com/nextcloud/mail/pull/8275",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8gph-9895-w564",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://hackerone.com/reports/1913095",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink