admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-09-17 18:45:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-58xx/CVE-2023-5878.json
cad-safe-bot 627729c313 Auto-Update: 2025-03-02T03:00:19.570958+00:00
2025-03-02 03:03:52 +00:00

82 lines
3.5 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-5878",
"sourceIdentifier": "psirt@honeywell.com",
"published": "2025-02-06T15:15:12.440",
"lastModified": "2025-02-18T19:15:11.780",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Honeywell OneWireless \n\nWireless Device Manager (WDM)\u00a0for the following versions R310.x, R320.x, R321.x, R322.1, R322.2, R323.x, R330.1 contains a command injection vulnerability. An attacker who is authenticated could use the firmware update process to potentially exploit the vulnerability, leading to a command injection. Honeywell recommends updating to \n\n R322.3, R330.2 or the most recent version of this product2."
},
{
"lang": "es",
"value": "Honeywell OneWireless Wireless Device Manager (WDM) para las siguientes versiones R310.x, R320.x, R321.x, R322.1, R322.2, R323.x y R330.1 contiene una vulnerabilidad de inyecci\u00f3n de comandos. Un atacante autenticado podr\u00eda usar el proceso de actualizaci\u00f3n del firmware para explotar potencialmente la vulnerabilidad, lo que provocar\u00eda una inyecci\u00f3n de comandos. Honeywell recomienda actualizar a R322.3, R330.2 o la versi\u00f3n m\u00e1s reciente de este producto2."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "psirt@honeywell.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"subAvailabilityImpact": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "psirt@honeywell.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://process.honeywell.com/",
"source": "psirt@honeywell.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink