Dernières vulnérabilités du Mardi 11 Juillet 2023

Dernières vulnérabilités du Mardi 11 Juillet 2023
{{titre}}

Dernière mise à jour efféctuée le 11/07/2023 à 16:29:53

(10) Vulnérabilité(s) CRITICAL [9.0, 10.0]

Source : siemens.com

Vulnérabilité ID : CVE-2023-29130

Première publication le : 11-07-2023 10:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5). Affected device consists of improper access controls in the configuration files that leads to privilege escalation. An attacker could gain admin access with this vulnerability leading to complete device control.

CVE ID : CVE-2023-29130
Source : productcert@siemens.com
Score CVSS : 9.9

Références :
https://cert-portal.siemens.com/productcert/pdf/ssa-313488.pdf | source : productcert@siemens.com

Vulnérabilité : CWE-284


Vulnérabilité ID : CVE-2023-36750

Première publication le : 11-07-2023 10:15:11
Dernière modification le : 11-07-2023 12:43:16

Description :
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). The software-upgrade Url parameter in the web interface of affected devices is vulnerable to command injection due to missing server side input sanitation. This could allow an authenticated privileged remote attacker to execute arbitrary code with root privileges.

CVE ID : CVE-2023-36750
Source : productcert@siemens.com
Score CVSS : 9.1

Références :
https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf | source : productcert@siemens.com

Vulnérabilité : CWE-77


Vulnérabilité ID : CVE-2023-36751

Première publication le : 11-07-2023 10:15:11
Dernière modification le : 11-07-2023 12:43:16

Description :
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). The install-app URL parameter in the web interface of affected devices is vulnerable to command injection due to missing server side input sanitation. This could allow an authenticated privileged remote attacker to execute arbitrary code with root privileges.

CVE ID : CVE-2023-36751
Source : productcert@siemens.com
Score CVSS : 9.1

Références :
https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf | source : productcert@siemens.com

Vulnérabilité : CWE-77


Vulnérabilité ID : CVE-2023-36752

Première publication le : 11-07-2023 10:15:11
Dernière modification le : 11-07-2023 12:43:16

Description :
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). The upgrade-app URL parameter in the web interface of affected devices is vulnerable to command injection due to missing server side input sanitation. This could allow an authenticated privileged remote attacker to execute arbitrary code with root privileges.

CVE ID : CVE-2023-36752
Source : productcert@siemens.com
Score CVSS : 9.1

Références :
https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf | source : productcert@siemens.com

Vulnérabilité : CWE-77


Vulnérabilité ID : CVE-2023-36753

Première publication le : 11-07-2023 10:15:11
Dernière modification le : 11-07-2023 12:43:16

Description :
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). The uninstall-app App-name parameter in the web interface of affected devices is vulnerable to command injection due to missing server side input sanitation. This could allow an authenticated privileged remote attacker to execute arbitrary code with root privileges.

CVE ID : CVE-2023-36753
Source : productcert@siemens.com
Score CVSS : 9.1

Références :
https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf | source : productcert@siemens.com

Vulnérabilité : CWE-77


Vulnérabilité ID : CVE-2023-36754

Première publication le : 11-07-2023 10:15:11
Dernière modification le : 11-07-2023 12:43:16

Description :
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). The SCEP server configuration URL parameter in the web interface of affected devices is vulnerable to command injection due to missing server side input sanitation. This could allow an authenticated privileged remote attacker to execute arbitrary code with root privileges.

CVE ID : CVE-2023-36754
Source : productcert@siemens.com
Score CVSS : 9.1

Références :
https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf | source : productcert@siemens.com

Vulnérabilité : CWE-77


Vulnérabilité ID : CVE-2023-36755

Première publication le : 11-07-2023 10:15:11
Dernière modification le : 11-07-2023 12:43:16

Description :
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). The SCEP CA Certificate Name parameter in the web interface of affected devices is vulnerable to command injection due to missing server side input sanitation. This could allow an authenticated privileged remote attacker to execute arbitrary code with root privileges.

CVE ID : CVE-2023-36755
Source : productcert@siemens.com
Score CVSS : 9.1

Références :
https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf | source : productcert@siemens.com

Vulnérabilité : CWE-77


Source : rockwellautomation.com

Vulnérabilité ID : CVE-2023-2746

Première publication le : 11-07-2023 14:15:09
Dernière modification le : 11-07-2023 14:27:23

Description :
The Rockwell Automation Enhanced HIM software contains an API that the application uses that is not protected sufficiently and uses incorrect Cross-Origin Resource Sharing (CORS) settings and, as a result, is vulnerable to a Cross Site Request Forgery (CSRF) attack. To exploit this vulnerability, a malicious user would have to convince a user to click on an untrusted link through a social engineering attack or successfully perform a Cross Site Scripting Attack (XSS). Exploitation of a CSRF could potentially lead to sensitive information disclosure and full remote access to the affected products.

CVE ID : CVE-2023-2746
Source : PSIRT@rockwellautomation.com
Score CVSS : 9.6

Références :
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139760 | source : PSIRT@rockwellautomation.com

Vulnérabilité : CWE-352


Source : nozominetworks.com

Vulnérabilité ID : CVE-2023-31191

Première publication le : 11-07-2023 09:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an information loss vulnerability through traffic injection. An attacker can exploit this vulnerability by injecting, on carefully selected channels, high power spoofed Open Drone ID (ODID) messages which force the DroneScout ds230 Remote ID receiver to drop real Remote ID (RID) information and, instead, generate and transmit JSON encoded MQTT messages containing crafted RID information. Consequently, the MQTT broker, typically operated by a system integrator, will have no access to the drones’ real RID information. This issue affects the adjacent channel suppression algorithm present in DroneScout ds230 firmware from version 20211210-1627 through 20230329-1042.

CVE ID : CVE-2023-31191
Source : prodsec@nozominetworks.com
Score CVSS : 9.3

Références :
https://download.bluemark.io/dronescout/firmware/history.txt | source : prodsec@nozominetworks.com
https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-31191/ | source : prodsec@nozominetworks.com

Vulnérabilité : CWE-221


Source : sap.com

Vulnérabilité ID : CVE-2023-36922

Première publication le : 11-07-2023 03:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
Due to programming error in function module or report, SAP NetWeaver ABAP (IS-OIL) - versions 600, 602, 603, 604, 605, 606, 617, 618, 800, 802, 803, 804, 805, 806, 807, allows an authenticated attacker to inject an arbitrary operating system command into an unprotected parameter in a common (default) extension. On successful exploitation, the attacker can read or modify the system data as well as shut down the system.

CVE ID : CVE-2023-36922
Source : cna@sap.com
Score CVSS : 9.1

Références :
https://me.sap.com/notes/3350297 | source : cna@sap.com
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | source : cna@sap.com

Vulnérabilité : CWE-78


(30) Vulnérabilité(s) HIGH [7.0, 8.9]

Source : siemens.com

Vulnérabilité ID : CVE-2023-36386

Première publication le : 11-07-2023 10:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected application that could allow an attacker to execute malicious javascript code by tricking users into accessing a malicious link. The value is reflected in the response without sanitization while throwing an “invalid params element name” error on the get_elements parameters.

CVE ID : CVE-2023-36386
Source : productcert@siemens.com
Score CVSS : 8.8

Références :
https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf | source : productcert@siemens.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-36389

Première publication le : 11-07-2023 10:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected application that could allow an attacker to execute malicious javascript code by tricking users into accessing a malicious link. The malformed value is reflected directly in the response without sanitization while throwing an “invalid path” error.

CVE ID : CVE-2023-36389
Source : productcert@siemens.com
Score CVSS : 8.8

Références :
https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf | source : productcert@siemens.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-36390

Première publication le : 11-07-2023 10:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected application that could allow an attacker to execute malicious javascript code by tricking users into accessing a malicious link. The value is reflected in the response without sanitization while throwing an “invalid params element name” error on the action parameters.

CVE ID : CVE-2023-36390
Source : productcert@siemens.com
Score CVSS : 8.8

Références :
https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf | source : productcert@siemens.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-36521

Première publication le : 11-07-2023 10:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). The result synchronization server of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of all socket-based communication of the affected products if the result server is enabled.

CVE ID : CVE-2023-36521
Source : productcert@siemens.com
Score CVSS : 8.6

Références :
https://cert-portal.siemens.com/productcert/pdf/ssa-561322.pdf | source : productcert@siemens.com

Vulnérabilité : CWE-770


Vulnérabilité ID : CVE-2023-37246

Première publication le : 11-07-2023 10:15:11
Dernière modification le : 11-07-2023 12:43:16

Description :
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PRT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21109)

CVE ID : CVE-2023-37246
Source : productcert@siemens.com
Score CVSS : 7.8

Références :
https://cert-portal.siemens.com/productcert/pdf/ssa-764801.pdf | source : productcert@siemens.com

Vulnérabilité : CWE-122


Vulnérabilité ID : CVE-2023-37247

Première publication le : 11-07-2023 10:15:11
Dernière modification le : 11-07-2023 12:43:16

Description :
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21138)

CVE ID : CVE-2023-37247
Source : productcert@siemens.com
Score CVSS : 7.8

Références :
https://cert-portal.siemens.com/productcert/pdf/ssa-764801.pdf | source : productcert@siemens.com

Vulnérabilité : CWE-122


Vulnérabilité ID : CVE-2023-37248

Première publication le : 11-07-2023 10:15:11
Dernière modification le : 11-07-2023 12:43:16

Description :
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21155)

CVE ID : CVE-2023-37248
Source : productcert@siemens.com
Score CVSS : 7.8

Références :
https://cert-portal.siemens.com/productcert/pdf/ssa-764801.pdf | source : productcert@siemens.com

Vulnérabilité : CWE-787


Vulnérabilité ID : CVE-2023-37374

Première publication le : 11-07-2023 10:15:11
Dernière modification le : 11-07-2023 12:43:16

Description :
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application is vulnerable to stack-based buffer overflow while parsing specially crafted STP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21054)

CVE ID : CVE-2023-37374
Source : productcert@siemens.com
Score CVSS : 7.8

Références :
https://cert-portal.siemens.com/productcert/pdf/ssa-764801.pdf | source : productcert@siemens.com

Vulnérabilité : CWE-121


Vulnérabilité ID : CVE-2023-37375

Première publication le : 11-07-2023 10:15:11
Dernière modification le : 11-07-2023 12:43:16

Description :
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application is vulnerable to stack-based buffer overflow while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21060)

CVE ID : CVE-2023-37375
Source : productcert@siemens.com
Score CVSS : 7.8

Références :
https://cert-portal.siemens.com/productcert/pdf/ssa-764801.pdf | source : productcert@siemens.com

Vulnérabilité : CWE-121


Vulnérabilité ID : CVE-2023-37376

Première publication le : 11-07-2023 10:15:11
Dernière modification le : 11-07-2023 12:43:16

Description :
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application contains a type confusion vulnerability while parsing STP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21051)

CVE ID : CVE-2023-37376
Source : productcert@siemens.com
Score CVSS : 7.8

Références :
https://cert-portal.siemens.com/productcert/pdf/ssa-764801.pdf | source : productcert@siemens.com

Vulnérabilité : CWE-843


Vulnérabilité ID : CVE-2022-29561

Première publication le : 11-07-2023 10:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). The web interface of the affected devices are vulnerable to Cross-Site Request Forgery attacks. By tricking an authenticated victim user to click a malicious link, an attacker could perform arbitrary actions on the device on behalf of the victim user.

CVE ID : CVE-2022-29561
Source : productcert@siemens.com
Score CVSS : 7.5

Références :
https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf | source : productcert@siemens.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2022-31810

Première publication le : 11-07-2023 10:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
A vulnerability has been identified in SiPass integrated (All versions < V2.90.3.8). Affected server applications improperly check the size of data packets received for the configuration client login, causing a stack-based buffer overflow. This could allow an unauthenticated remote attacker to crash the server application, creating a denial of service condition.

CVE ID : CVE-2022-31810
Source : productcert@siemens.com
Score CVSS : 7.5

Références :
https://cert-portal.siemens.com/productcert/pdf/ssa-924149.pdf | source : productcert@siemens.com

Vulnérabilité : CWE-20


Vulnérabilité ID : CVE-2023-35920

Première publication le : 11-07-2023 10:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). Affected devices cannot properly process specially crafted IP packets sent to the devices. This could allow an unauthenticated remote attacker to cause a denial of service condition. The affected devices must be restarted manually.

CVE ID : CVE-2023-35920
Source : productcert@siemens.com
Score CVSS : 7.5

Références :
https://cert-portal.siemens.com/productcert/pdf/ssa-561322.pdf | source : productcert@siemens.com

Vulnérabilité : CWE-400


Vulnérabilité ID : CVE-2023-35921

Première publication le : 11-07-2023 10:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). Affected devices cannot properly process specially crafted Ethernet frames sent to the devices. This could allow an unauthenticated remote attacker to cause a denial of service condition. The affected devices must be restarted manually.

CVE ID : CVE-2023-35921
Source : productcert@siemens.com
Score CVSS : 7.5

Références :
https://cert-portal.siemens.com/productcert/pdf/ssa-561322.pdf | source : productcert@siemens.com

Vulnérabilité : CWE-400


Vulnérabilité ID : CVE-2023-29131

Première publication le : 11-07-2023 10:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5). Affected device consists of an incorrect default value in the SSH configuration. This could allow an attacker to bypass network isolation.

CVE ID : CVE-2023-29131
Source : productcert@siemens.com
Score CVSS : 7.4

Références :
https://cert-portal.siemens.com/productcert/pdf/ssa-313488.pdf | source : productcert@siemens.com

Vulnérabilité : CWE-276


Vulnérabilité ID : CVE-2023-36749

Première publication le : 11-07-2023 10:15:11
Dernière modification le : 11-07-2023 12:43:16

Description :
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). The webserver of the affected devices support insecure TLS 1.0 protocol. An attacker could achieve a man-in-the-middle attack and compromise confidentiality and integrity of data.

CVE ID : CVE-2023-36749
Source : productcert@siemens.com
Score CVSS : 7.4

Références :
https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf | source : productcert@siemens.com

Vulnérabilité : CWE-327


Source : rockwellautomation.com

Vulnérabilité ID : CVE-2023-2072

Première publication le : 11-07-2023 14:15:09
Dernière modification le : 11-07-2023 14:27:23

Description :
The Rockwell Automation PowerMonitor 1000 contains stored cross-site scripting vulnerabilities within the web page of the product. The vulnerable pages do not require privileges to access and can be injected with code by an attacker which could be used to leverage an attack on an authenticated user resulting in remote code execution and potentially the complete loss of confidentiality, integrity, and availability of the product.

CVE ID : CVE-2023-2072
Source : PSIRT@rockwellautomation.com
Score CVSS : 8.8

Références :
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139761 | source : PSIRT@rockwellautomation.com

Vulnérabilité : CWE-787


Source : sap.com

Vulnérabilité ID : CVE-2023-33989

Première publication le : 11-07-2023 03:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
An attacker with non-administrative authorizations in SAP NetWeaver (BI CONT ADD ON) - versions 707, 737, 747, 757, can exploit a directory traversal flaw to over-write system files. Data from confidential files cannot be read but potentially some OS files can be over-written leading to system compromise.

CVE ID : CVE-2023-33989
Source : cna@sap.com
Score CVSS : 8.7

Références :
https://me.sap.com/notes/3331376 | source : cna@sap.com
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | source : cna@sap.com

Vulnérabilité : CWE-22


Vulnérabilité ID : CVE-2023-33987

Première publication le : 11-07-2023 03:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
An unauthenticated attacker in SAP Web Dispatcher - versions WEBDISP 7.49, WEBDISP 7.53, WEBDISP 7.54, WEBDISP 7.77, WEBDISP 7.81, WEBDISP 7.85, WEBDISP 7.88, WEBDISP 7.89, WEBDISP 7.90, KERNEL 7.49, KERNEL 7.53, KERNEL 7.54 KERNEL 7.77, KERNEL 7.81, KERNEL 7.85, KERNEL 7.88, KERNEL 7.89, KERNEL 7.90, KRNL64NUC 7.49, KRNL64UC 7.49, KRNL64UC 7.53, HDB 2.00, XS_ADVANCED_RUNTIME 1.00, SAP_EXTENDED_APP_SERVICES 1, can submit a malicious crafted request over a network to a front-end server which may, over several attempts, result in a back-end server confusing the boundaries of malicious and legitimate messages. This can result in the back-end server executing a malicious payload which can be used to read or modify information on the server or make it temporarily unavailable.

CVE ID : CVE-2023-33987
Source : cna@sap.com
Score CVSS : 8.6

Références :
https://me.sap.com/notes/3233899 | source : cna@sap.com
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | source : cna@sap.com

Vulnérabilité : CWE-444


Vulnérabilité ID : CVE-2023-33990

Première publication le : 11-07-2023 03:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
SAP SQL Anywhere - version 17.0, allows an attacker to prevent legitimate users from accessing the service by crashing the service. An attacker with low privileged account and access to the local system can write into the shared memory objects. This can be leveraged by an attacker to perform a Denial of Service. Further, an attacker might be able to modify sensitive data in shared memory objects.This issue only affects SAP SQL Anywhere on Windows. Other platforms are not impacted.

CVE ID : CVE-2023-33990
Source : cna@sap.com
Score CVSS : 7.8

Références :
https://me.sap.com/notes/3331029 | source : cna@sap.com
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | source : cna@sap.com

Vulnérabilité : CWE-732


Vulnérabilité ID : CVE-2023-35871

Première publication le : 11-07-2023 03:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
The SAP Web Dispatcher - versions WEBDISP 7.53, WEBDISP 7.54, WEBDISP 7.77, WEBDISP 7.85, WEBDISP 7.89, WEBDISP 7.91, WEBDISP 7.92, WEBDISP 7.93, KERNEL 7.53, KERNEL 7.54 KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.91, KERNEL 7.92, KERNEL 7.93, KRNL64UC 7.53, HDB 2.00, XS_ADVANCED_RUNTIME 1.00, SAP_EXTENDED_APP_SERVICES 1, has a vulnerability that can be exploited by an unauthenticated attacker to cause memory corruption through logical errors in memory management this may leads to information disclosure or system crashes, which can have low impact on confidentiality and high impact on the integrity and availability of the system.

CVE ID : CVE-2023-35871
Source : cna@sap.com
Score CVSS : 7.7

Références :
https://me.sap.com/notes/3340735 | source : cna@sap.com
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | source : cna@sap.com

Vulnérabilité : CWE-119


Vulnérabilité ID : CVE-2023-36921

Première publication le : 11-07-2023 03:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
SAP Solution Manager (Diagnostics agent) - version 7.20, allows an attacker to tamper with headers in a client request. This misleads SAP Diagnostics Agent to serve poisoned content to the server. On successful exploitation, the attacker can cause a limited impact on confidentiality and availability of the application.

CVE ID : CVE-2023-36921
Source : cna@sap.com
Score CVSS : 7.2

Références :
https://me.sap.com/notes/3348145 | source : cna@sap.com
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | source : cna@sap.com

Vulnérabilité : CWE-644


Vulnérabilité ID : CVE-2023-36925

Première publication le : 11-07-2023 03:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
SAP Solution Manager (Diagnostics agent) - version 7.20, allows an unauthenticated attacker to blindly execute HTTP requests. On successful exploitation, the attacker can cause a limited impact on confidentiality and availability of the application and other applications the Diagnostics Agent can reach.

CVE ID : CVE-2023-36925
Source : cna@sap.com
Score CVSS : 7.2

Références :
https://me.sap.com/notes/3352058 | source : cna@sap.com
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | source : cna@sap.com

Vulnérabilité : CWE-918


Source : wordfence.com

Vulnérabilité ID : CVE-2023-2079

Première publication le : 11-07-2023 03:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
The "Buy Me a Coffee – Button and Widget Plugin" plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the recieve_post, bmc_disconnect, name_post, and widget_post functions in versions up to, and including, 3.7. This makes it possible for unauthenticated attackers to update the plugins settings, via a forged request granted the attacker can trick a site's administrator into performing an action such as clicking on a link.

CVE ID : CVE-2023-2079
Source : security@wordfence.com
Score CVSS : 8.3

Références :
https://plugins.trac.wordpress.org/browser/buymeacoffee/trunk/admin/class-buy-me-a-coffee-admin.php?rev=2816542 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/buymeacoffee/trunk/includes/class-buy-me-a-coffee.php?rev=2319979#L162 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2935565%40buymeacoffee&new=2935565%40buymeacoffee&sfp_email=&sfph_mail= | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/6309258e-e4fc-4edf-a771-2d82a9a85a5c?source=cve | source : security@wordfence.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-2078

Première publication le : 11-07-2023 03:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
The "Buy Me a Coffee – Button and Widget Plugin" plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the recieve_post, bmc_disconnect, name_post, and widget_post functions in versions up to, and including, 3.7. This makes it possible for authenticated attackers, with minimal permissions such as subscribers, to update the plugins settings. CVE-2023-25030 may be a duplicate of this issue.

CVE ID : CVE-2023-2078
Source : security@wordfence.com
Score CVSS : 7.3

Références :
https://plugins.trac.wordpress.org/browser/buymeacoffee/trunk/admin/class-buy-me-a-coffee-admin.php?rev=2816542 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/buymeacoffee/trunk/includes/class-buy-me-a-coffee.php?rev=2319979#L162 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2935565%40buymeacoffee&new=2935565%40buymeacoffee&sfp_email=&sfph_mail= | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/c1c218c6-1599-4dc9-846f-e0ef74821488?source=cve | source : security@wordfence.com

Vulnérabilité : CWE-862


Source : nozominetworks.com

Vulnérabilité ID : CVE-2023-31190

Première publication le : 11-07-2023 09:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an Improper Authentication vulnerability during the firmware update procedure. Specifically, the firmware update procedure ignores and does not check the validity of the TLS certificate of the HTTPS endpoint from which the firmware update package (.tar.bz2 file) is downloaded. An attacker with the ability to put himself in a Man-in-the-Middle situation (e.g., DNS poisoning, ARP poisoning, control of a node on the route to the endpoint, etc.) can trick the DroneScout ds230 to install a crafted malicious firmware update containing arbitrary files (e.g., executable and configuration) and gain administrative (root) privileges on the underlying Linux operating system. This issue affects DroneScout ds230 firmware from version 20211210-1627 through 20230329-1042.

CVE ID : CVE-2023-31190
Source : prodsec@nozominetworks.com
Score CVSS : 8.1

Références :
https://download.bluemark.io/dronescout/firmware/history.txt | source : prodsec@nozominetworks.com
https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-31190/ | source : prodsec@nozominetworks.com

Vulnérabilité : CWE-287


Source : patchstack.com

Vulnérabilité ID : CVE-2023-36690

Première publication le : 11-07-2023 13:15:10
Dernière modification le : 11-07-2023 14:27:23

Description :
Cross-Site Request Forgery (CSRF) vulnerability in VibeThemes WPLMS theme <= 4.900 versions.

CVE ID : CVE-2023-36690
Source : audit@patchstack.com
Score CVSS : 8.1

Références :
https://patchstack.com/database/vulnerability/wplms/wordpress-wplms-theme-4-600-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-23671

Première publication le : 11-07-2023 12:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Muneeb Layer Slider plugin <= 1.1.9.7 versions.

CVE ID : CVE-2023-23671
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/slider-slideshow/wordpress-layer-slider-plugin-1-1-9-6-cross-site-request-forgery-csrf-leading-to-post-page-deletion-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Source : redhat.com

Vulnérabilité ID : CVE-2023-3269

Première publication le : 11-07-2023 12:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
A vulnerability exists in the memory management subsystem of the Linux kernel. The lock handling for accessing and updating virtual memory areas (VMAs) is incorrect, leading to use-after-free problems. This issue can be successfully exploited to execute arbitrary kernel code, escalate containers, and gain root privileges.

CVE ID : CVE-2023-3269
Source : secalert@redhat.com
Score CVSS : 7.8

Références :
https://access.redhat.com/security/cve/CVE-2023-3269 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2215268 | source : secalert@redhat.com
https://www.openwall.com/lists/oss-security/2023/07/05/1 | source : secalert@redhat.com


Source : fortinet.com

Vulnérabilité ID : CVE-2023-23777

Première publication le : 11-07-2023 09:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.18 and below may allow a privileged attacker to execute arbitrary bash commands via crafted cli backup parameters.

CVE ID : CVE-2023-23777
Source : psirt@fortinet.com
Score CVSS : 7.2

Références :
https://fortiguard.com/psirt/FG-IR-22-131 | source : psirt@fortinet.com


(47) Vulnérabilité(s) MEDIUM [4.0, 6.9]

Source : sap.com

Vulnérabilité ID : CVE-2023-35872

Première publication le : 11-07-2023 03:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
The Message Display Tool (MDT) of SAP NetWeaver Process Integration - version SAP_XIAF 7.50, does not perform authentication checks for certain functionalities that require user identity. An unauthenticated user might access technical data about the product status and its configuration. The vulnerability does not allow access to sensitive information or administrative functionalities. On successful exploitation an attacker can cause limited impact on confidentiality and availability of the application.

CVE ID : CVE-2023-35872
Source : cna@sap.com
Score CVSS : 6.5

Références :
https://me.sap.com/notes/3343564 | source : cna@sap.com
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | source : cna@sap.com

Vulnérabilité : CWE-306


Vulnérabilité ID : CVE-2023-35873

Première publication le : 11-07-2023 03:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
The Runtime Workbench (RWB) of SAP NetWeaver Process Integration - version SAP_XITOOL 7.50, does not perform authentication checks for certain functionalities that require user identity. An unauthenticated user might access technical data about the product status and its configuration. The vulnerability does not allow access to sensitive information or administrative functionalities. On successful exploitation an attacker can cause limited impact on confidentiality and availability of the application.

CVE ID : CVE-2023-35873
Source : cna@sap.com
Score CVSS : 6.5

Références :
https://me.sap.com/notes/3343547 | source : cna@sap.com
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | source : cna@sap.com

Vulnérabilité : CWE-306


Vulnérabilité ID : CVE-2023-35870

Première publication le : 11-07-2023 03:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
When creating a journal entry template in SAP S/4HANA (Manage Journal Entry Template) - versions S4CORE 104, 105, 106, 107, an attacker could intercept the save request and change the template, leading to an impact on confidentiality and integrity of the resource. Furthermore, a standard template could be deleted, hence making the resource temporarily unavailable.

CVE ID : CVE-2023-35870
Source : cna@sap.com
Score CVSS : 6.3

Références :
https://me.sap.com/notes/3341211 | source : cna@sap.com
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | source : cna@sap.com

Vulnérabilité : CWE-284


Vulnérabilité ID : CVE-2023-33988

Première publication le : 11-07-2023 03:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the Content-Security-Policy and X-XSS-Protection response headers are not implemented, allowing an unauthenticated attacker to attempt reflected cross-site scripting, which could result in disclosure or modification of information.

CVE ID : CVE-2023-33988
Source : cna@sap.com
Score CVSS : 6.1

Références :
https://me.sap.com/notes/3326769 | source : cna@sap.com
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | source : cna@sap.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-36918

Première publication le : 11-07-2023 03:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the X-Content-Type-Options response header is not implemented, allowing an unauthenticated attacker to trigger MIME type sniffing, which leads to Cross-Site Scripting, which could result in disclosure or modification of information.

CVE ID : CVE-2023-36918
Source : cna@sap.com
Score CVSS : 6.1

Références :
https://launchpad.support.sap.com/#/notes/3326769 | source : cna@sap.com
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | source : cna@sap.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-35874

Première publication le : 11-07-2023 03:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
SAP NetWeaver Application Server ABAP and ABAP Platform - version KRNL64NUC, 7.22, KRNL64NUC 7.22EXT, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KERNEL 7.22, KERNEL, 7.53, KERNEL 7.77, KERNEL 7.81, KERNEL 7.85, KERNEL 7.89, KERNEL 7.54, KERNEL 7.92, KERNEL 7.93, under some conditions, performs improper authentication checks for functionalities that require user identity. An attacker can perform malicious actions over the network, extending the scope of impact, causing a limited impact on confidentiality, integrity and availability.

CVE ID : CVE-2023-35874
Source : cna@sap.com
Score CVSS : 6.0

Références :
https://me.sap.com/notes/3318850 | source : cna@sap.com
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | source : cna@sap.com

Vulnérabilité : CWE-287


Vulnérabilité ID : CVE-2023-36917

Première publication le : 11-07-2023 03:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
SAP BusinessObjects Business Intelligence Platform - version 420, 430, allows an unauthorized attacker who had hijacked a user session, to be able to bypass the victim’s old password via brute force, due to unrestricted rate limit for password change functionality. Although the attack has no impact on integrity loss or system availability, this could lead to an attacker to completely takeover a victim’s account.

CVE ID : CVE-2023-36917
Source : cna@sap.com
Score CVSS : 5.9

Références :
https://me.sap.com/notes/3320702 | source : cna@sap.com
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | source : cna@sap.com

Vulnérabilité : CWE-307


Vulnérabilité ID : CVE-2023-31405

Première publication le : 11-07-2023 03:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
SAP NetWeaver AS for Java - versions ENGINEAPI 7.50, SERVERCORE 7.50, J2EE-APPS 7.50, allows an unauthenticated attacker to craft a request over the network which can result in unwarranted modifications to a system log without user interaction. There is no ability to view any information or any effect on availability.

CVE ID : CVE-2023-31405
Source : cna@sap.com
Score CVSS : 5.3

Références :
https://me.sap.com/notes/3324732 | source : cna@sap.com
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | source : cna@sap.com

Vulnérabilité : CWE-117


Vulnérabilité ID : CVE-2023-36919

Première publication le : 11-07-2023 03:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the Referrer-Policy response header is not implemented, allowing an unauthenticated attacker to obtain referrer details, resulting in information disclosure.

CVE ID : CVE-2023-36919
Source : cna@sap.com
Score CVSS : 5.3

Références :
https://launchpad.support.sap.com/#/notes/3326769 | source : cna@sap.com
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | source : cna@sap.com

Vulnérabilité : CWE-644


Vulnérabilité ID : CVE-2023-36924

Première publication le : 11-07-2023 03:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
While using a specific function, SAP ERP Defense Forces and Public Security - versions 600, 603, 604, 605, 616, 617, 618, 802, 803, 804, 805, 806, 807, allows an authenticated attacker with admin privileges to write arbitrary data to the syslog file. On successful exploitation, an attacker could modify all the syslog data causing a complete compromise of integrity of the application.

CVE ID : CVE-2023-36924
Source : cna@sap.com
Score CVSS : 4.9

Références :
https://me.sap.com/notes/3351410 | source : cna@sap.com
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | source : cna@sap.com

Vulnérabilité : CWE-117


Vulnérabilité ID : CVE-2023-33992

Première publication le : 11-07-2023 03:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAP_BW 730, SAP_BW 731, SAP_BW 740, SAP_BW 730, SAP_BW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs authorizations on the query as well as on the keyfigure/measure level. The missing check only affects the data level.

CVE ID : CVE-2023-33992
Source : cna@sap.com
Score CVSS : 4.5

Références :
https://me.sap.com/notes/3088078 | source : cna@sap.com
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | source : cna@sap.com

Vulnérabilité : CWE-862


Source : siemens.com

Vulnérabilité ID : CVE-2023-36748

Première publication le : 11-07-2023 10:15:11
Dernière modification le : 11-07-2023 12:43:16

Description :
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). The affected devices are configured to offer weak ciphers by default. This could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data passed over to and from the affected device.

CVE ID : CVE-2023-36748
Source : productcert@siemens.com
Score CVSS : 5.9

Références :
https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf | source : productcert@siemens.com

Vulnérabilité : CWE-326


Source : patchstack.com

Vulnérabilité ID : CVE-2023-24421

Première publication le : 11-07-2023 08:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
Cross-Site Request Forgery (CSRF) vulnerability in WP Engine PHP Compatibility Checker plugin <= 1.5.2 versions.

CVE ID : CVE-2023-24421
Source : audit@patchstack.com
Score CVSS : 5.4

Références :
https://patchstack.com/database/vulnerability/php-compatibility-checker/wordpress-php-compatibility-checker-plugin-1-5-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-35781

Première publication le : 11-07-2023 08:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
Cross-Site Request Forgery (CSRF) vulnerability in LWS Cleaner plugin <= 2.3.0 versions.

CVE ID : CVE-2023-35781
Source : audit@patchstack.com
Score CVSS : 5.4

Références :
https://patchstack.com/database/vulnerability/lws-cleaner/wordpress-lws-cleaner-plugin-2-3-0-multiple-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-34015

Première publication le : 11-07-2023 09:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
Cross-Site Request Forgery (CSRF) vulnerability in PI Websolution Conditional shipping & Advanced Flat rate shipping rates / Flexible shipping for WooCommerce shipping plugin <= 1.6.4.4 versions.

CVE ID : CVE-2023-34015
Source : audit@patchstack.com
Score CVSS : 5.4

Références :
https://patchstack.com/database/vulnerability/advanced-free-flat-shipping-woocommerce/wordpress-advanced-flat-rate-shipping-woocommerce-plugin-1-6-4-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-35774

Première publication le : 11-07-2023 09:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS Tools plugin <= 2.4.1 versions.

CVE ID : CVE-2023-35774
Source : audit@patchstack.com
Score CVSS : 5.4

Références :
https://patchstack.com/database/vulnerability/lws-tools/wordpress-lws-tools-plugin-2-4-1-multiple-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-37391

Première publication le : 11-07-2023 10:15:11
Dernière modification le : 11-07-2023 12:43:16

Description :
Cross-Site Request Forgery (CSRF) vulnerability in WPMobilePack.Com WordPress Mobile Pack – Mobile Plugin for Progressive Web Apps & Hybrid Mobile Apps plugin <= 3.4.1 versions.

CVE ID : CVE-2023-37391
Source : audit@patchstack.com
Score CVSS : 5.4

Références :
https://patchstack.com/database/vulnerability/wordpress-mobile-pack/wordpress-wordpress-mobile-pack-plugin-3-4-1-broken-access-control-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-36687

Première publication le : 11-07-2023 11:15:08
Dernière modification le : 11-07-2023 12:43:16

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Andrea Tarantini Menubar plugin <= 5.8.2 versions.

CVE ID : CVE-2023-36687
Source : audit@patchstack.com
Score CVSS : 5.4

Références :
https://patchstack.com/database/vulnerability/menubar/wordpress-menubar-plugin-5-8-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-25706

Première publication le : 11-07-2023 13:15:09
Dernière modification le : 11-07-2023 14:27:23

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Pagup WordPress Robots.Txt optimization plugin <= 1.4.5 versions.

CVE ID : CVE-2023-25706
Source : audit@patchstack.com
Score CVSS : 5.4

Références :
https://patchstack.com/database/vulnerability/better-robots-txt/wordpress-wordpress-robots-txt-optimization-xml-sitemap-website-traffic-seo-ranking-booster-plugin-1-4-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-23792

Première publication le : 11-07-2023 06:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Swatchly plugin <= 1.2.0 versions.

CVE ID : CVE-2023-23792
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/swatchly/wordpress-swatchly-woocommerce-variation-swatches-for-products-product-attributes-image-swatch-color-swatches-label-swatches-plugin-1-1-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-23791

Première publication le : 11-07-2023 07:15:08
Dernière modification le : 11-07-2023 12:43:16

Description :
Cross-Site Request Forgery (CSRF) vulnerability in HasThemes HT Menu plugin <= 1.2.1 versions.

CVE ID : CVE-2023-23791
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/ht-menu-lite/wordpress-ht-menu-wordpress-mega-menu-builder-for-elementor-plugin-1-2-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-23803

Première publication le : 11-07-2023 07:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
Cross-Site Request Forgery (CSRF) vulnerability in HasThemes JustTables plugin <= 1.4.9 versions.

CVE ID : CVE-2023-23803
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/just-tables/wordpress-justtables-woocommerce-product-table-plugin-1-4-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2022-45823

Première publication le : 11-07-2023 08:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
Cross-Site Request Forgery (CSRF) vulnerability in GalleryPlugins Video Contest WordPress plugin <= 3.2 versions.

CVE ID : CVE-2022-45823
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/video-contest/wordpress-video-contest-wordpress-plugin-plugin-3-2-cross-site-request-forgery-csrf?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-23704

Première publication le : 11-07-2023 08:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Pixelgrade Comments Ratings plugin <= 1.1.6 versions.

CVE ID : CVE-2023-23704
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/comments-ratings/wordpress-comments-ratings-plugin-1-1-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-23731

Première publication le : 11-07-2023 08:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
Cross-Site Request Forgery (CSRF) vulnerability in HasTheme WishSuite plugin <= 1.3.3 versions.

CVE ID : CVE-2023-23731
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/wishsuite/wordpress-wishsuite-wishlist-for-woocommerce-plugin-1-3-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-23997

Première publication le : 11-07-2023 08:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Dave Jesch Database Collation Fix plugin <= 1.2.7 versions.

CVE ID : CVE-2023-23997
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/database-collation-fix/wordpress-database-collation-fix-plugin-1-2-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-25051

Première publication le : 11-07-2023 08:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Denishua Comment Reply Notification plugin <= 1.4 versions.

CVE ID : CVE-2023-25051
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/comment-reply-notification/wordpress-comment-reply-notification-plugin-1-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-25468

Première publication le : 11-07-2023 08:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Reservation.Studio Reservation.Studio widget plugin <= 1.0.11 versions.

CVE ID : CVE-2023-25468
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/reservation-studio-widget/wordpress-reservation-studio-widget-plugin-1-0-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-25487

Première publication le : 11-07-2023 08:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Pixelgrade PixTypes plugin <= 1.4.14 versions.

CVE ID : CVE-2023-25487
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/pixtypes/wordpress-pixtypes-plugin-1-4-14-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-35913

Première publication le : 11-07-2023 09:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
Cross-Site Request Forgery (CSRF) vulnerability in OOPSpam OOPSpam Anti-Spam plugin <= 1.1.44 versions.

CVE ID : CVE-2023-35913
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/oopspam-anti-spam/wordpress-oopspam-anti-spam-plugin-1-1-44-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-36517

Première publication le : 11-07-2023 09:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Kevon Adonis WP Abstracts plugin <= 2.6.2 versions.

CVE ID : CVE-2023-36517
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/wp-abstracts-manuscripts-manager/wordpress-wp-abstracts-plugin-2-6-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-36693

Première publication le : 11-07-2023 10:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Alain Gonzalez WP RSS Images plugin <= 1.1 versions.

CVE ID : CVE-2023-36693
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/wp-rss-images/wordpress-wp-rss-images-plugin-1-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-34185

Première publication le : 11-07-2023 12:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
Cross-Site Request Forgery (CSRF) vulnerability in John Brien WordPress NextGen GalleryView plugin <= 0.5.5 versions.

CVE ID : CVE-2023-34185
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/wordpress-nextgen-galleryview/wordpress-wordpress-nextgen-galleryview-plugin-0-5-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-35047

Première publication le : 11-07-2023 12:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
Cross-Site Request Forgery (CSRF) vulnerability in AREOI All Bootstrap Blocks plugin <= 1.3.6 versions.

CVE ID : CVE-2023-35047
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/all-bootstrap-blocks/wordpress-all-bootstrap-blocks-plugin-1-3-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-35778

Première publication le : 11-07-2023 12:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Neha Goel Recent Posts Slider plugin <= 1.1 versions.

CVE ID : CVE-2023-35778
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/recent-posts-slider/wordpress-recent-posts-slider-plugin-1-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-35780

Première publication le : 11-07-2023 12:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Andy Whalen Galleria plugin <= 1.0.3 versions.

CVE ID : CVE-2023-35780
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/galleria/wordpress-galleria-plugin-1-0-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-24417

Première publication le : 11-07-2023 13:15:09
Dernière modification le : 11-07-2023 14:27:23

Description :
Cross-Site Request Forgery (CSRF) vulnerability in tiggersWelt.Net Worthy plugin <= 1.6.5-6497609 versions.

CVE ID : CVE-2023-24417
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/wp-worthy/wordpress-worthy-vg-wort-integration-fuer-wordpress-plugin-1-6-5-6497609-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-25443

Première publication le : 11-07-2023 13:15:09
Dernière modification le : 11-07-2023 14:27:23

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Button Generator – easily Button Builder plugin <= 2.3.5 versions.

CVE ID : CVE-2023-25443
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/button-generation/wordpress-button-generator-plugin-2-3-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-32104

Première publication le : 11-07-2023 13:15:09
Dernière modification le : 11-07-2023 14:27:23

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Mark Tilly MyCurator Content Curation plugin <= 3.74 versions.

CVE ID : CVE-2023-32104
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/mycurator/wordpress-mycurator-content-curation-plugin-3-74-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-34029

Première publication le : 11-07-2023 13:15:09
Dernière modification le : 11-07-2023 14:27:23

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Prem Tiwari Disable WordPress Update Notifications and auto-update Email Notifications plugin <= 2.3.3 versions.

CVE ID : CVE-2023-34029
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/disable-update-notifications/wordpress-disable-wordpress-update-notifications-and-auto-update-email-notifications-plugin-2-3-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-35044

Première publication le : 11-07-2023 13:15:09
Dernière modification le : 11-07-2023 14:27:23

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Drew Phillips Securimage-WP plugin <= 3.6.16 versions.

CVE ID : CVE-2023-35044
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/securimage-wp/wordpress-securimage-wp-plugin-3-6-16-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-35091

Première publication le : 11-07-2023 13:15:09
Dernière modification le : 11-07-2023 14:27:23

Description :
Cross-Site Request Forgery (CSRF) vulnerability in StoreApps Stock Manager for WooCommerce plugin <= 2.10.0 versions.

CVE ID : CVE-2023-35091
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/woocommerce-stock-manager/wordpress-stock-manager-for-woocommerce-plugin-2-10-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-35773

Première publication le : 11-07-2023 13:15:10
Dernière modification le : 11-07-2023 14:27:23

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Danny Hearnah - ChubbyNinjaa Template Debugger plugin <= 3.1.2 versions.

CVE ID : CVE-2023-35773
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/quick-edit-template-link/wordpress-template-debugger-plugin-3-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-36522

Première publication le : 11-07-2023 13:15:10
Dernière modification le : 11-07-2023 14:27:23

Description :
Cross-Site Request Forgery (CSRF) vulnerability in WePupil Quiz Expert plugin <= 1.5.0 versions.

CVE ID : CVE-2023-36522
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/quiz-expert/wordpress-quiz-expert-easy-quiz-maker-exam-and-test-manager-plugin-1-5-0-cross-site-request-forgery-csrf?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Source : fortinet.com

Vulnérabilité ID : CVE-2022-22302

Première publication le : 11-07-2023 09:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
A clear text storage of sensitive information (CWE-312) vulnerability in both FortiGate version 6.4.0 through 6.4.1, 6.2.0 through 6.2.9 and 6.0.0 through 6.0.13 and FortiAuthenticator version 5.5.0 and all versions of 6.1 and 6.0 may allow a local unauthorized party to retrieve the Fortinet private keys used to establish secure communication with both Apple Push Notification and Google Cloud Messaging services, via accessing the files on the filesystem.

CVE ID : CVE-2022-22302
Source : psirt@fortinet.com
Score CVSS : 5.3

Références :
https://fortiguard.com/psirt/FG-IR-20-014 | source : psirt@fortinet.com


Source : redhat.com

Vulnérabilité ID : CVE-2023-1672

Première publication le : 11-07-2023 12:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host.

CVE ID : CVE-2023-1672
Source : secalert@redhat.com
Score CVSS : 5.3

Références :
https://access.redhat.com/security/cve/CVE-2023-1672 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2180999 | source : secalert@redhat.com
https://github.com/latchset/tang/commit/8dbbed10870378f1b2c3cf3df2ea7edca7617096 | source : secalert@redhat.com
https://www.openwall.com/lists/oss-security/2023/06/15/1 | source : secalert@redhat.com


Source : nozominetworks.com

Vulnérabilité ID : CVE-2023-29156

Première publication le : 11-07-2023 09:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an information loss vulnerability through traffic injection. An attacker can exploit this vulnerability by injecting, at the right times, spoofed Open Drone ID (ODID) messages which force the DroneScout ds230 Remote ID receiver to drop real Remote ID (RID) information and, instead, generate and transmit JSON encoded MQTT messages containing crafted RID information. Consequently, the MQTT broker, typically operated by a system integrator, will have no access to the drones’ real RID information. This issue affects DroneScout ds230 in default configuration from firmware version 20211210-1627 through 20230329-1042.

CVE ID : CVE-2023-29156
Source : prodsec@nozominetworks.com
Score CVSS : 4.7

Références :
https://download.bluemark.io/dronescout/firmware/history.txt | source : prodsec@nozominetworks.com
https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-29156/ | source : prodsec@nozominetworks.com

Vulnérabilité : CWE-221


(2) Vulnérabilité(s) LOW [0.1, 3.9]

Source : siemens.com

Vulnérabilité ID : CVE-2022-29562

Première publication le : 11-07-2023 10:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). Affected devices do not properly handle malformed HTTP packets. This could allow an unauthenticated remote attacker to send a malformed HTTP packet causing certain functions to fail in a controlled manner.

CVE ID : CVE-2022-29562
Source : productcert@siemens.com
Score CVSS : 3.7

Références :
https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf | source : productcert@siemens.com

Vulnérabilité : CWE-20


Source : gitlab.com

Vulnérabilité ID : CVE-2023-1936

Première publication le : 11-07-2023 08:15:10
Dernière modification le : 11-07-2023 12:43:16

Description :
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 before 15.11.10, all versions starting from 16.0 before 16.0.6, all versions starting from 16.1 before 16.1.1, which allows an attacker to leak the email address of a user who created a service desk issue.

CVE ID : CVE-2023-1936
Source : cve@gitlab.com
Score CVSS : 3.5

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/405150 | source : cve@gitlab.com
https://hackerone.com/reports/1933829 | source : cve@gitlab.com

Vulnérabilité : CWE-284


(9) Vulnérabilité(s) NO SCORE [0.0, 0.0]

Source : mitre.org

Vulnérabilité ID : CVE-2023-37191

Première publication le : 11-07-2023 01:15:12
Dernière modification le : 11-07-2023 12:43:16

Description :
A stored cross-site scripting (XSS) vulnerability in Issabel issabel-pbx v.4.0.0-6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Group and Description parameters.

CVE ID : CVE-2023-37191
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/sahiloj/CVE-2023-37191/blob/main/README.md | source : cve@mitre.org
https://reference3.example.com/index.php?menu=faxnew | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37189

Première publication le : 11-07-2023 02:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
A stored cross site scripting (XSS) vulnerability in index.php?menu=billing_rates of Issabel PBX version 4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Name or Prefix fields under the Create New Rate module.

CVE ID : CVE-2023-37189
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/sahiloj/CVE-2023-37189/blob/main/README.md | source : cve@mitre.org
https://reference1.example.com/index.php?menu=billing_rates | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37190

Première publication le : 11-07-2023 02:15:09
Dernière modification le : 11-07-2023 12:43:16

Description :
A stored cross-site scripting (XSS) vulnerability in Issabel issabel-pbx v.4.0.0-6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Virtual Fax Name and Caller ID Name parameters under the New Virtual Fax feature.

CVE ID : CVE-2023-37190
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/sahiloj/CVE-2023-37190/blob/main/README.md | source : cve@mitre.org
https://reference2.example.com/index.php?menu=grouplist | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-34561

Première publication le : 11-07-2023 13:15:09
Dernière modification le : 11-07-2023 14:27:23

Description :
A buffer overflow in the level parsing code of RobTop Games AB Geometry Dash v2.113 allows attackers to execute arbitrary code via entering a Geometry Dash level.

CVE ID : CVE-2023-34561
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/meltah/gd-rce | source : cve@mitre.org
https://www.youtube.com/watch?v=DMxucOWfLPc | source : cve@mitre.org
https://www.youtube.com/watch?v=RGMeWPchScg | source : cve@mitre.org
https://www.youtube.com/watch?v=ev0VXbiduuQ | source : cve@mitre.org
https://www.youtube.com/watch?v=kAeJvY6BBps | source : cve@mitre.org
https://www.youtube.com/watch?v=u7eXBr4HkKQ | source : cve@mitre.org


Vulnérabilité ID : CVE-2020-20118

Première publication le : 11-07-2023 14:15:09
Dernière modification le : 11-07-2023 14:27:23

Description :
Buffer Overflow vulnerability in Avast AntiVirus before v.19.7 allows a local attacker to cause a denial of service via a crafted request to the aswSnx.sys driver.

CVE ID : CVE-2020-20118
Source : cve@mitre.org
Score CVSS : /

Références :
http://avast.com | source : cve@mitre.org
https://gitlab.com/yongchuank/avast-aswsnx-ioctl-82ac0060-oob-write | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36163

Première publication le : 11-07-2023 14:15:09
Dernière modification le : 11-07-2023 14:27:23

Description :
Cross Site Scripting vulnerability in IP-DOT BuildaGate v.BuildaGate5 allows a remote attacker to execute arbitrary code via a crafted script to the mc parameter of the URL.

CVE ID : CVE-2023-36163
Source : cve@mitre.org
Score CVSS : /

Références :
http://www.levi-coins.co.il/BuildaGate5/general2/company_search_tree.php?SiteName=levicoins | source : cve@mitre.org
http://www.misdar-jabo.org/BuildaGate5/general2/company_search_tree.php?NewNameMade=0&SiteName=misdar&lan=en&EnterDefault=&Referral=tree&BuyerID=104732450&Clubtmp1=&SearchTop= | source : cve@mitre.org
https://afula.libraries.co.il/BuildaGate5library/general2/company_search_tree.php?mc=0 | source : cve@mitre.org
https://github.com/TraiLeR2?tab=overview&from=2023-05-01&to=2023-05-31 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36164

Première publication le : 11-07-2023 14:15:09
Dernière modification le : 11-07-2023 14:27:23

Description :
An issue in MiniTool Partition Wizard ShadowMaker v.12.7 allows an attacker to execute arbitrary code via the MTAgentService component.

CVE ID : CVE-2023-36164
Source : cve@mitre.org
Score CVSS : /

Références :
http://minitool.com | source : cve@mitre.org
https://github.com/TraiLeR2?tab=overview&from=2023-05-01&to=2023-05-31 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36167

Première publication le : 11-07-2023 14:15:09
Dernière modification le : 11-07-2023 14:27:23

Description :
An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe component.

CVE ID : CVE-2023-36167
Source : cve@mitre.org
Score CVSS : /

Références :
http://avg.com | source : cve@mitre.org
https://github.com/TraiLeR2?tab=overview&from=2023-05-01&to=2023-05-31 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37656

Première publication le : 11-07-2023 14:15:09
Dernière modification le : 11-07-2023 14:27:23

Description :
WebsiteGuide v0.2 is vulnerable to Remote Command Execution (RCE) via image upload.

CVE ID : CVE-2023-37656
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/mizhexiaoxiao/WebsiteGuide/issues/12 | source : cve@mitre.org


Ce site web utilise l'API de la NVD, mais n'est pas approuvé ou certifié par la NVD.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.