mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
47 lines
1.6 KiB
JSON
47 lines
1.6 KiB
JSON
{
|
|
"id": "CVE-2023-37531",
|
|
"sourceIdentifier": "psirt@hcl.com",
|
|
"published": "2024-02-29T01:40:04.893",
|
|
"lastModified": "2024-02-29T13:49:47.277",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attacker to execute malicious javascript code into a form field of a webpage by a user with privileged access. \n"
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Una vulnerabilidad de cross-site scripting (XSS) en el componente Web Reports de HCL BigFix Platform posiblemente pueda permitir que un atacante ejecute c\u00f3digo javascript malicioso en un campo de formulario de una p\u00e1gina web por parte de un usuario con acceso privilegiado."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "psirt@hcl.com",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "HIGH",
|
|
"privilegesRequired": "HIGH",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "LOW",
|
|
"integrityImpact": "LOW",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 3.3,
|
|
"baseSeverity": "LOW"
|
|
},
|
|
"exploitabilityScore": 0.7,
|
|
"impactScore": 2.5
|
|
}
|
|
]
|
|
},
|
|
"references": [
|
|
{
|
|
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0110209",
|
|
"source": "psirt@hcl.com"
|
|
}
|
|
]
|
|
} |