From 6582000e7d9f2f56721b26c03eab9d89f782d719 Mon Sep 17 00:00:00 2001 From: cvelistV5 Github Action Date: Thu, 6 Mar 2025 17:50:52 +0000 Subject: [PATCH] 5 changes (0 new | 5 updated): - 0 new CVEs: - 5 updated CVEs: CVE-2023-24780, CVE-2023-24781, CVE-2023-26954, CVE-2025-25793, CVE-2025-25794 --- cves/2023/24xxx/CVE-2023-24780.json | 68 +++++++++++++++++++++++++++-- cves/2023/24xxx/CVE-2023-24781.json | 68 +++++++++++++++++++++++++++-- cves/2023/26xxx/CVE-2023-26954.json | 68 +++++++++++++++++++++++++++-- cves/2025/25xxx/CVE-2025-25793.json | 66 +++++++++++++++++++++++++++- cves/2025/25xxx/CVE-2025-25794.json | 66 +++++++++++++++++++++++++++- 5 files changed, 320 insertions(+), 16 deletions(-) diff --git a/cves/2023/24xxx/CVE-2023-24780.json b/cves/2023/24xxx/CVE-2023-24780.json index d27703fb5744..a053e0dd0ebd 100644 --- a/cves/2023/24xxx/CVE-2023-24780.json +++ b/cves/2023/24xxx/CVE-2023-24780.json @@ -6,16 +6,16 @@ "cveId": "CVE-2023-24780", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", - "dateUpdated": "2024-08-02T11:03:19.228Z", - "dateReserved": "2023-01-30T00:00:00", - "datePublished": "2023-03-07T00:00:00" + "dateUpdated": "2025-03-06T17:42:15.116Z", + "dateReserved": "2023-01-30T00:00:00.000Z", + "datePublished": "2023-03-07T00:00:00.000Z" }, "containers": { "cna": { "providerMetadata": { "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", - "dateUpdated": "2023-03-07T00:00:00" + "dateUpdated": "2023-03-07T00:00:00.000Z" }, "descriptions": [ { @@ -68,6 +68,66 @@ ] } ] + }, + { + "problemTypes": [ + { + "descriptions": [ + { + "type": "CWE", + "cweId": "CWE-89", + "lang": "en", + "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "scope": "UNCHANGED", + "version": "3.1", + "baseScore": 9.8, + "attackVector": "NETWORK", + "baseSeverity": "CRITICAL", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "integrityImpact": "HIGH", + "userInteraction": "NONE", + "attackComplexity": "LOW", + "availabilityImpact": "HIGH", + "privilegesRequired": "NONE", + "confidentialityImpact": "HIGH" + } + }, + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-06T17:41:37.458568Z", + "id": "CVE-2023-24780", + "options": [ + { + "Exploitation": "poc" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "total" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-06T17:42:15.116Z" + } } ] } diff --git a/cves/2023/24xxx/CVE-2023-24781.json b/cves/2023/24xxx/CVE-2023-24781.json index f50e09a7d2de..84f3b7275459 100644 --- a/cves/2023/24xxx/CVE-2023-24781.json +++ b/cves/2023/24xxx/CVE-2023-24781.json @@ -6,16 +6,16 @@ "cveId": "CVE-2023-24781", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", - "dateUpdated": "2024-08-02T11:03:19.198Z", - "dateReserved": "2023-01-30T00:00:00", - "datePublished": "2023-03-07T00:00:00" + "dateUpdated": "2025-03-06T17:43:25.545Z", + "dateReserved": "2023-01-30T00:00:00.000Z", + "datePublished": "2023-03-07T00:00:00.000Z" }, "containers": { "cna": { "providerMetadata": { "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", - "dateUpdated": "2023-03-07T00:00:00" + "dateUpdated": "2023-03-07T00:00:00.000Z" }, "descriptions": [ { @@ -68,6 +68,66 @@ ] } ] + }, + { + "problemTypes": [ + { + "descriptions": [ + { + "type": "CWE", + "cweId": "CWE-89", + "lang": "en", + "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "scope": "UNCHANGED", + "version": "3.1", + "baseScore": 9.8, + "attackVector": "NETWORK", + "baseSeverity": "CRITICAL", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "integrityImpact": "HIGH", + "userInteraction": "NONE", + "attackComplexity": "LOW", + "availabilityImpact": "HIGH", + "privilegesRequired": "NONE", + "confidentialityImpact": "HIGH" + } + }, + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-06T17:42:51.591650Z", + "id": "CVE-2023-24781", + "options": [ + { + "Exploitation": "poc" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "total" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-06T17:43:25.545Z" + } } ] } diff --git a/cves/2023/26xxx/CVE-2023-26954.json b/cves/2023/26xxx/CVE-2023-26954.json index bbdef7de5fbf..f7245c870f74 100644 --- a/cves/2023/26xxx/CVE-2023-26954.json +++ b/cves/2023/26xxx/CVE-2023-26954.json @@ -6,16 +6,16 @@ "cveId": "CVE-2023-26954", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", - "dateUpdated": "2024-08-02T12:01:31.946Z", - "dateReserved": "2023-02-27T00:00:00", - "datePublished": "2023-03-07T00:00:00" + "dateUpdated": "2025-03-06T17:45:17.646Z", + "dateReserved": "2023-02-27T00:00:00.000Z", + "datePublished": "2023-03-07T00:00:00.000Z" }, "containers": { "cna": { "providerMetadata": { "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", - "dateUpdated": "2023-03-07T00:00:00" + "dateUpdated": "2023-03-07T00:00:00.000Z" }, "descriptions": [ { @@ -68,6 +68,66 @@ ] } ] + }, + { + "problemTypes": [ + { + "descriptions": [ + { + "type": "CWE", + "cweId": "CWE-79", + "lang": "en", + "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "scope": "CHANGED", + "version": "3.1", + "baseScore": 5.4, + "attackVector": "NETWORK", + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "integrityImpact": "LOW", + "userInteraction": "REQUIRED", + "attackComplexity": "LOW", + "availabilityImpact": "NONE", + "privilegesRequired": "LOW", + "confidentialityImpact": "LOW" + } + }, + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-06T17:44:08.222202Z", + "id": "CVE-2023-26954", + "options": [ + { + "Exploitation": "poc" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-06T17:45:17.646Z" + } } ] } diff --git a/cves/2025/25xxx/CVE-2025-25793.json b/cves/2025/25xxx/CVE-2025-25793.json index f2e462376bbc..cdb3f16afa02 100644 --- a/cves/2025/25xxx/CVE-2025-25793.json +++ b/cves/2025/25xxx/CVE-2025-25793.json @@ -5,7 +5,7 @@ "cveId": "CVE-2025-25793", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", - "dateUpdated": "2025-02-26T14:27:29.979Z", + "dateUpdated": "2025-03-06T17:47:27.280Z", "dateReserved": "2025-02-07T00:00:00.000Z", "datePublished": "2025-02-26T00:00:00.000Z" }, @@ -56,7 +56,69 @@ ] } ] - } + }, + "adp": [ + { + "problemTypes": [ + { + "descriptions": [ + { + "type": "CWE", + "cweId": "CWE-77", + "lang": "en", + "description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "scope": "UNCHANGED", + "version": "3.1", + "baseScore": 5.1, + "attackVector": "LOCAL", + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N", + "integrityImpact": "HIGH", + "userInteraction": "NONE", + "attackComplexity": "LOW", + "availabilityImpact": "NONE", + "privilegesRequired": "HIGH", + "confidentialityImpact": "LOW" + } + }, + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-06T17:46:01.792565Z", + "id": "CVE-2025-25793", + "options": [ + { + "Exploitation": "poc" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "total" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-06T17:47:27.280Z" + } + } + ] }, "dataVersion": "5.1" } \ No newline at end of file diff --git a/cves/2025/25xxx/CVE-2025-25794.json b/cves/2025/25xxx/CVE-2025-25794.json index 6801c5312c5d..83e2446d2942 100644 --- a/cves/2025/25xxx/CVE-2025-25794.json +++ b/cves/2025/25xxx/CVE-2025-25794.json @@ -5,7 +5,7 @@ "cveId": "CVE-2025-25794", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", - "dateUpdated": "2025-02-26T14:27:28.174Z", + "dateUpdated": "2025-03-06T17:48:54.282Z", "dateReserved": "2025-02-07T00:00:00.000Z", "datePublished": "2025-02-26T00:00:00.000Z" }, @@ -56,7 +56,69 @@ ] } ] - } + }, + "adp": [ + { + "problemTypes": [ + { + "descriptions": [ + { + "type": "CWE", + "cweId": "CWE-77", + "lang": "en", + "description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "scope": "UNCHANGED", + "version": "3.1", + "baseScore": 5.1, + "attackVector": "LOCAL", + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N", + "integrityImpact": "HIGH", + "userInteraction": "NONE", + "attackComplexity": "LOW", + "availabilityImpact": "NONE", + "privilegesRequired": "HIGH", + "confidentialityImpact": "LOW" + } + }, + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-06T17:48:21.211450Z", + "id": "CVE-2025-25794", + "options": [ + { + "Exploitation": "poc" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "total" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-06T17:48:54.282Z" + } + } + ] }, "dataVersion": "5.1" } \ No newline at end of file