Dernières vulnérabilités du Mardi 15 Août 2023

Dernières vulnérabilités du Mardi 15 Août 2023
https://www.securitricks.com/content/images/size/w600/format/webp/2023/12/VULNERABILITIES-REPORTS-LOGO.png
{{titre}}

Dernière mise à jour efféctuée le 15/08/2023 à 23:58:04

(1) Vulnérabilité(s) CRITICAL [9.0, 10.0]

Source : hackerone.com

Vulnérabilité ID : CVE-2023-35082

Première publication le : 15-08-2023 16:15:11
Dernière modification le : 15-08-2023 17:15:47

Description :
An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users to access restricted functionality or resources of the application without proper authentication. This vulnerability is unique to CVE-2023-35078 announced earlier.

CVE ID : CVE-2023-35082
Source : support@hackerone.com
Score CVSS : 10.0

Références :
https://forums.ivanti.com/s/article/CVE-2023-35082-Remote-Unauthenticated-API-Access-Vulnerability-in-MobileIron-Core-11-2-and-older?language=en_US | source : support@hackerone.com


(8) Vulnérabilité(s) HIGH [7.0, 8.9]

Source : sap.com

Vulnérabilité ID : CVE-2023-39438

Première publication le : 15-08-2023 17:15:12
Dernière modification le : 15-08-2023 17:15:41

Description :
A missing authorization check allows an arbitrary authenticated user to perform certain operations through the API of CLA-assistant by executing specific additional steps. This allows an arbitrary authenticated user to read CLA information including information of the persons who signed them as well as custom fields the CLA requester had configured. In addition, an arbitrary authenticated user can update or delete the CLA-configuration for repositories or organizations using CLA-assistant. The stored access tokens for GitHub are not affected, as these are redacted from the API-responses.

CVE ID : CVE-2023-39438
Source : cna@sap.com
Score CVSS : 8.1

Références :
https://github.com/cla-assistant/cla-assistant/security/advisories/GHSA-gw8p-frwv-25gh | source : cna@sap.com

Vulnérabilité : CWE-424
Vulnérabilité : CWE-862
Vulnérabilité : CWE-863


Source : hpe.com

Vulnérabilité ID : CVE-2023-38401

Première publication le : 15-08-2023 19:15:10
Dernière modification le : 15-08-2023 20:01:42

Description :
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. Successful exploitation could allow execution of arbitrary code with NT AUTHORITY\SYSTEM privileges on the operating system.

CVE ID : CVE-2023-38401
Source : security-alert@hpe.com
Score CVSS : 7.8

Références :
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-011.txt | source : security-alert@hpe.com


Vulnérabilité ID : CVE-2023-38402

Première publication le : 15-08-2023 19:15:10
Dernière modification le : 15-08-2023 20:01:42

Description :
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting the Microsoft Windows operating System boot process.

CVE ID : CVE-2023-38402
Source : security-alert@hpe.com
Score CVSS : 7.1

Références :
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-011.txt | source : security-alert@hpe.com


Source : huntr.dev

Vulnérabilité ID : CVE-2023-4347

Première publication le : 15-08-2023 02:15:48
Dernière modification le : 15-08-2023 12:29:16

Description :
Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.8.0.

CVE ID : CVE-2023-4347
Source : security@huntr.dev
Score CVSS : 7.6

Références :
https://github.com/librenms/librenms/commit/91c57a1ee54631e071b6b0c952d99c8ee892e824 | source : security@huntr.dev
https://huntr.dev/bounties/1f78c6e1-2923-46c5-9376-4cc5a8f1152f | source : security@huntr.dev

Vulnérabilité : CWE-79


Source : wordfence.com

Vulnérabilité ID : CVE-2023-2916

Première publication le : 15-08-2023 09:15:09
Dernière modification le : 15-08-2023 12:29:16

Description :
The InfiniteWP Client plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.11.1 via the 'admin_notice' function. This can allow authenticated attackers with subscriber-level permissions or above to extract sensitive data including configuration. It can only be exploited if the plugin has not been configured yet. If combined with another arbitrary plugin installation and activation vulnerability, it may be possible to connect a site to InfiniteWP which would make remote management possible and allow for elevation of privileges.

CVE ID : CVE-2023-2916
Source : security@wordfence.com
Score CVSS : 7.5

Références :
https://plugins.trac.wordpress.org/browser/iwp-client/tags/1.11.1/core.class.php#L365 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/2925897/iwp-client#file4 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/aa157c80-447f-4406-9e49-9cc6208b7b19?source=cve | source : security@wordfence.com

Vulnérabilité : CWE-200


Vulnérabilité ID : CVE-2023-4308

Première publication le : 15-08-2023 08:15:09
Dernière modification le : 15-08-2023 12:29:16

Description :
The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘user-submitted-content’ parameter in versions up to, and including, 20230809 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-4308
Source : security@wordfence.com
Score CVSS : 7.2

Références :
https://plugins.trac.wordpress.org/changeset/2952471/user-submitted-posts | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/3bb4d37c-c4c2-4523-9b4e-73ffb7be81ea?source=cve | source : security@wordfence.com

Vulnérabilité : CWE-79


Source : patchstack.com

Vulnérabilité ID : CVE-2023-30498

Première publication le : 15-08-2023 13:15:09
Dernière modification le : 15-08-2023 16:06:01

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CodeFlavors Vimeotheque: Vimeo WordPress Plugin <= 2.2.1 versions.

CVE ID : CVE-2023-30498
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/codeflavors-vimeo-video-post-lite/wordpress-vimeotheque-plugin-2-2-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-30747

Première publication le : 15-08-2023 13:15:09
Dernière modification le : 15-08-2023 16:06:01

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPGem WooCommerce Easy Duplicate Product plugin <= 0.3.0.0 versions.

CVE ID : CVE-2023-30747
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/woo-easy-duplicate-product/wordpress-woocommerce-easy-duplicate-product-plugin-0-3-0-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


(3) Vulnérabilité(s) MEDIUM [4.0, 6.9]

Source : intel.com

Vulnérabilité ID : CVE-2023-24478

Première publication le : 15-08-2023 13:15:09
Dernière modification le : 15-08-2023 16:06:01

Description :
Use of insufficiently random values for some Intel Agilex(R) software included as part of Intel(R) Quartus(R) Prime Pro Edition for linux before version 22.4 may allow an authenticated user to potentially enable information disclosure via local access.

CVE ID : CVE-2023-24478
Source : secure@intel.com
Score CVSS : 5.5

Références :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00850.html | source : secure@intel.com


Source : patchstack.com

Vulnérabilité ID : CVE-2023-30778

Première publication le : 15-08-2023 13:15:09
Dernière modification le : 15-08-2023 16:06:01

Description :
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Blubrry PowerPress Podcasting plugin by Blubrry plugin <= 10.0.1 versions.

CVE ID : CVE-2023-30778
Source : audit@patchstack.com
Score CVSS : 5.5

Références :
https://patchstack.com/database/vulnerability/powerpress/wordpress-powerpress-podcasting-plugin-by-blubrry-plugin-10-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Source : github.com

Vulnérabilité ID : CVE-2023-40028

Première publication le : 15-08-2023 18:15:10
Dernière modification le : 15-08-2023 18:23:32

Description :
Ghost is an open source content management system. Versions prior to 5.59.1 are subject to a vulnerability which allows authenticated users to upload files that are symlinks. This can be exploited to perform an arbitrary file read of any file on the host operating system. Site administrators can check for exploitation of this issue by looking for unknown symlinks within Ghost's `content/` folder. Version 5.59.1 contains a fix for this issue. All users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-40028
Source : security-advisories@github.com
Score CVSS : 4.9

Références :
https://github.com/TryGhost/Ghost/commit/690fbf3f7302ff3f77159c0795928bdd20f41205 | source : security-advisories@github.com
https://github.com/TryGhost/Ghost/security/advisories/GHSA-9c9v-w225-v5rg | source : security-advisories@github.com

Vulnérabilité : CWE-22


(2) Vulnérabilité(s) LOW [0.1, 3.9]

Source : github.com

Vulnérabilité ID : CVE-2023-40027

Première publication le : 15-08-2023 18:15:10
Dernière modification le : 15-08-2023 18:23:32

Description :
Keystone is an open source headless CMS for Node.js — built with GraphQL and React. When `ui.isAccessAllowed` is set as `undefined`, the `adminMeta` GraphQL query is publicly accessible (no session required). This is different to the behaviour of the default AdminUI middleware, which by default will only be publicly accessible (no session required) if a `session` strategy is not defined. This vulnerability does not affect developers using the `@keystone-6/auth` package, or any users that have written their own `ui.isAccessAllowed` (that is to say, `isAccessAllowed` is not `undefined`). This vulnerability does affect users who believed that their `session` strategy will, by default, enforce that `adminMeta` is inaccessible by the public in accordance with that strategy; akin to the behaviour of the AdminUI middleware. This vulnerability has been patched in `@keystone-6/core` version `5.5.1`. Users are advised to upgrade. Users unable to upgrade may opt to write their own `isAccessAllowed` functionality to work-around this vulnerability.

CVE ID : CVE-2023-40027
Source : security-advisories@github.com
Score CVSS : 3.7

Références :
https://github.com/keystonejs/keystone/commit/650e27e6e9b42abfb94c340c8470faf61f0ff284 | source : security-advisories@github.com
https://github.com/keystonejs/keystone/pull/8771 | source : security-advisories@github.com
https://github.com/keystonejs/keystone/security/advisories/GHSA-9cvc-v7wm-992c | source : security-advisories@github.com

Vulnérabilité : CWE-862


Source : vuldb.com

Vulnérabilité ID : CVE-2023-4371

Première publication le : 15-08-2023 15:15:09
Dernière modification le : 15-08-2023 16:06:01

Description :
A vulnerability was found in phpRecDB 1.3.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument r/view leads to cross site scripting. The attack may be launched remotely. VDB-237194 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4371
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://vuldb.com/?ctiid.237194 | source : cna@vuldb.com
https://vuldb.com/?id.237194 | source : cna@vuldb.com

Vulnérabilité : CWE-79


(79) Vulnérabilité(s) NO SCORE [0.0, 0.0]

Source : mitre.org

Vulnérabilité ID : CVE-2023-28479

Première publication le : 15-08-2023 14:15:09
Dernière modification le : 15-08-2023 16:06:01

Description :
An issue was discovered in Tigergraph Enterprise 3.7.0. The TigerGraph platform installs a full development toolchain within every TigerGraph deployment. An attacker is able to compile new executables on each Tigergraph system and modify system and Tigergraph binaries.

CVE ID : CVE-2023-28479
Source : cve@mitre.org
Score CVSS : /

Références :
https://neo4j.com/security/cve-2023-28479/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38840

Première publication le : 15-08-2023 17:15:10
Dernière modification le : 15-08-2023 17:15:41

Description :
An issue in Bitwarden Bitwarden Desktop v.2023.5.1 allows a local attacker to obtain sensitive information via the the bitwarden.exe

CVE ID : CVE-2023-38840
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/bitwarden/desktop/issues/476 | source : cve@mitre.org
https://github.com/markuta/bw-dump | source : cve@mitre.org
https://redmaple.tech/blogs/2023/extract-bitwarden-vault-passwords/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38850

Première publication le : 15-08-2023 17:15:10
Dernière modification le : 15-08-2023 17:15:41

Description :
Buffer Overflow vulnerability in Michaelrsweet codedoc v.3.7 allows an attacker to cause a denial of service via the codedoc.c:1742 comppnent.

CVE ID : CVE-2023-38850
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/michaelrsweet/codedoc/issues/15 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38851

Première publication le : 15-08-2023 17:15:10
Dernière modification le : 15-08-2023 17:15:41

Description :
Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1018.

CVE ID : CVE-2023-38851
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/libxls/libxls/issues/124 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38852

Première publication le : 15-08-2023 17:15:10
Dernière modification le : 15-08-2023 17:15:41

Description :
Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the unicode_decode_wcstombs function in xlstool.c:266.

CVE ID : CVE-2023-38852
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/libxls/libxls/issues/124 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38853

Première publication le : 15-08-2023 17:15:10
Dernière modification le : 15-08-2023 17:15:41

Description :
Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1015.

CVE ID : CVE-2023-38853
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/libxls/libxls/issues/124 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38854

Première publication le : 15-08-2023 17:15:11
Dernière modification le : 15-08-2023 17:15:41

Description :
Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the transcode_latin1_to_utf8 function in xlstool.c:296.

CVE ID : CVE-2023-38854
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/libxls/libxls/issues/124 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38855

Première publication le : 15-08-2023 17:15:11
Dernière modification le : 15-08-2023 17:15:41

Description :
Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:395.

CVE ID : CVE-2023-38855
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/libxls/libxls/issues/124 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38856

Première publication le : 15-08-2023 17:15:11
Dernière modification le : 15-08-2023 17:15:41

Description :
Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:411.

CVE ID : CVE-2023-38856
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/libxls/libxls/issues/124 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38857

Première publication le : 15-08-2023 17:15:11
Dernière modification le : 15-08-2023 17:15:41

Description :
Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the stcoin function in mp4read.c.

CVE ID : CVE-2023-38857
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/knik0/faad2/issues/171 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38858

Première publication le : 15-08-2023 17:15:11
Dernière modification le : 15-08-2023 17:15:41

Description :
Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info function in mp4read.c:1039.

CVE ID : CVE-2023-38858
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/knik0/faad2/issues/173 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38860

Première publication le : 15-08-2023 17:15:11
Dernière modification le : 15-08-2023 17:15:41

Description :
An issue in LangChain v.0.0.231 allows a remote attacker to execute arbitrary code via the prompt parameter.

CVE ID : CVE-2023-38860
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/hwchase17/langchain/issues/7641 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38889

Première publication le : 15-08-2023 17:15:11
Dernière modification le : 15-08-2023 17:15:41

Description :
An issue in Alluxio v.2.9.3 and before allows an attacker to execute arbitrary code via a crafted script to the username parameter of lluxio.util.CommonUtils.getUnixGroups(java.lang.String).

CVE ID : CVE-2023-38889
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/Alluxio/alluxio/issues/17766 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38896

Première publication le : 15-08-2023 17:15:12
Dernière modification le : 15-08-2023 17:15:41

Description :
An issue in Harrison Chase langchain v.0.0.194 and before allows a remote attacker to execute arbitrary code via the from_math_prompt and from_colored_object_prompt functions.

CVE ID : CVE-2023-38896
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/hwchase17/langchain/issues/5872 | source : cve@mitre.org
https://github.com/hwchase17/langchain/pull/6003 | source : cve@mitre.org
https://twitter.com/llm_sec/status/1668711587287375876 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38898

Première publication le : 15-08-2023 17:15:12
Dernière modification le : 15-08-2023 17:15:41

Description :
An issue in Python cpython v.3.7 allows an attacker to obtain sensitive information via the _asyncio._swap_current_task component.

CVE ID : CVE-2023-38898
Source : cve@mitre.org
Score CVSS : /

Références :
http://python.com | source : cve@mitre.org
https://github.com/python/cpython/issues/105987 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38915

Première publication le : 15-08-2023 17:15:12
Dernière modification le : 15-08-2023 17:15:41

Description :
File Upload vulnerability in Wolf-leo EasyAdmin8 v.1.0 allows a remote attacker to execute arbtirary code via the upload type function.

CVE ID : CVE-2023-38915
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/wolf-leo/EasyAdmin8/issues/1 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38916

Première publication le : 15-08-2023 17:15:12
Dernière modification le : 15-08-2023 17:15:41

Description :
SQL Injection vulnerability in eVotingSystem-PHP v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information via the user input fields.

CVE ID : CVE-2023-38916
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/Mohammad-Ajazuddin/eVotingSytem-PHP/issues/1 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39659

Première publication le : 15-08-2023 17:15:12
Dernière modification le : 15-08-2023 17:15:41

Description :
An issue in langchain langchain-ai v.0.0.232 and before allows a remote attacker to execute arbitrary code via a crafted script to the PythonAstREPLTool._run component.

CVE ID : CVE-2023-39659
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/langchain-ai/langchain/issues/7700 | source : cve@mitre.org
https://github.com/langchain-ai/langchain/pull/5640 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39661

Première publication le : 15-08-2023 17:15:13
Dernière modification le : 15-08-2023 17:15:41

Description :
An issue in pandas-ai v.0.9.1 and before allows a remote attacker to execute arbitrary code via the _is_jailbreak function.

CVE ID : CVE-2023-39661
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/gventuri/pandas-ai/issues/410 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39662

Première publication le : 15-08-2023 17:15:13
Dernière modification le : 15-08-2023 17:15:41

Description :
An issue in llama_index v.0.7.13 and before allows a remote attacker to execute arbitrary code via the `exec` parameter in PandasQueryEngine function.

CVE ID : CVE-2023-39662
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/jerryjliu/llama_index/issues/7054 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38861

Première publication le : 15-08-2023 19:15:10
Dernière modification le : 15-08-2023 20:01:42

Description :
An issue in Wavlink WL_WNJ575A3 v.R75A3_V1410_220513 allows a remote attacker to execute arbitrary code via username parameter of the set_sys_adm function in adm.cgi.

CVE ID : CVE-2023-38861
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/TTY-flag/my_iot_vul/tree/main/WAVLINK/WL-WN575A3 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38862

Première publication le : 15-08-2023 19:15:10
Dernière modification le : 15-08-2023 20:01:42

Description :
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the destination parameter of sub_431F64 function in bin/webmgnt.

CVE ID : CVE-2023-38862
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/TTY-flag/my_iot_vul/tree/main/COMFAST/CF-XR11/Command_Inject1 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38863

Première publication le : 15-08-2023 19:15:10
Dernière modification le : 15-08-2023 20:01:42

Description :
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the ifname and mac parameters in the sub_410074 function at bin/webmgnt.

CVE ID : CVE-2023-38863
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/TTY-flag/my_iot_vul/tree/main/COMFAST/CF-XR11/Command_Inject4 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38865

Première publication le : 15-08-2023 19:15:10
Dernière modification le : 15-08-2023 20:01:42

Description :
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_4143F0. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter timestr.

CVE ID : CVE-2023-38865
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/TTY-flag/my_iot_vul/tree/main/COMFAST/CF-XR11/Command_Inject5 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38864

Première publication le : 15-08-2023 20:15:10
Dernière modification le : 15-08-2023 21:56:06

Description :
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the protal_delete_picname parameter in the sub_41171C function at bin/webmgnt.

CVE ID : CVE-2023-38864
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/TTY-flag/my_iot_vul/tree/main/COMFAST/CF-XR11/Command_Inject3 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38866

Première publication le : 15-08-2023 20:15:11
Dernière modification le : 15-08-2023 21:56:06

Description :
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_415588. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter interface and display_name.

CVE ID : CVE-2023-38866
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/TTY-flag/my_iot_vul/tree/main/COMFAST/CF-XR11/Command_Inject2 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39841

Première publication le : 15-08-2023 20:15:11
Dernière modification le : 15-08-2023 21:56:06

Description :
Missing encryption in the RFID tag of Etekcity 3-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.

CVE ID : CVE-2023-39841
Source : cve@mitre.org
Score CVSS : /

Références :
https://ashallen.net/smart-security-device-rfid-vulnerability-disclosure | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39842

Première publication le : 15-08-2023 20:15:11
Dernière modification le : 15-08-2023 21:56:06

Description :
Missing encryption in the RFID tag of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.

CVE ID : CVE-2023-39842
Source : cve@mitre.org
Score CVSS : /

Références :
https://ashallen.net/smart-security-device-rfid-vulnerability-disclosure | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39843

Première publication le : 15-08-2023 20:15:11
Dernière modification le : 15-08-2023 21:56:06

Description :
Missing encryption in the RFID tag of Suleve 5-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.

CVE ID : CVE-2023-39843
Source : cve@mitre.org
Score CVSS : /

Références :
https://ashallen.net/smart-security-device-rfid-vulnerability-disclosure | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39848

Première publication le : 15-08-2023 21:15:09
Dernière modification le : 15-08-2023 21:56:06

Description :
DVWA v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at blind\source\high.php.

CVE ID : CVE-2023-39848
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/KLSEHB/vulnerability-report/blob/main/Dvwa_CVE-2023-39848 | source : cve@mitre.org
https://github.com/digininja/DVWA | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39852

Première publication le : 15-08-2023 21:15:09
Dernière modification le : 15-08-2023 21:56:06

Description :
Doctormms v1.0 was discovered to contain a SQL injection vulnerability via the $userid parameter at myAppoinment.php.

CVE ID : CVE-2023-39852
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/KLSEHB/vulnerability-report/blob/main/Doctormms_CVE-2023-39852 | source : cve@mitre.org
https://www.sourcecodester.com/php/14182/doctor-appointment-system.html | source : cve@mitre.org


Source : hackerone.com

Vulnérabilité ID : CVE-2023-32003

Première publication le : 15-08-2023 16:15:10
Dernière modification le : 15-08-2023 17:15:47

Description :
`fs.mkdtemp()` and `fs.mkdtempSync()` can be used to bypass the permission model check using a path traversal attack. This flaw arises from a missing check in the fs.mkdtemp() API and the impact is a malicious actor could create an arbitrary directory. This vulnerability affects all users using the experimental permission model in Node.js 20. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.

CVE ID : CVE-2023-32003
Source : support@hackerone.com
Score CVSS : /

Références :
https://hackerone.com/reports/2037887 | source : support@hackerone.com


Vulnérabilité ID : CVE-2023-32004

Première publication le : 15-08-2023 16:15:11
Dernière modification le : 15-08-2023 17:15:47

Description :
A vulnerability has been discovered in Node.js version 20, specifically within the experimental permission model. This flaw relates to improper handling of Buffers in file system APIs causing a traversal path to bypass when verifying file permissions. This vulnerability affects all users using the experimental permission model in Node.js 20. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.

CVE ID : CVE-2023-32004
Source : support@hackerone.com
Score CVSS : /

Références :
https://hackerone.com/reports/2038134 | source : support@hackerone.com


Vulnérabilité ID : CVE-2023-32006

Première publication le : 15-08-2023 16:15:11
Dernière modification le : 15-08-2023 17:15:47

Description :
The use of `module.constructor.createRequire()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and, 20.x. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js.

CVE ID : CVE-2023-32006
Source : support@hackerone.com
Score CVSS : /

Références :
https://hackerone.com/reports/2043807 | source : support@hackerone.com


Source : google.com

Vulnérabilité ID : CVE-2023-2312

Première publication le : 15-08-2023 18:15:10
Dernière modification le : 15-08-2023 18:23:32

Description :
Use after free in Offline in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2023-2312
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html | source : chrome-cve-admin@google.com
https://crbug.com/1448548 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4349

Première publication le : 15-08-2023 18:15:10
Dernière modification le : 15-08-2023 18:23:32

Description :
Use after free in Device Trust Connectors in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2023-4349
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html | source : chrome-cve-admin@google.com
https://crbug.com/1458303 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4350

Première publication le : 15-08-2023 18:15:11
Dernière modification le : 15-08-2023 18:23:32

Description :
Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2023-4350
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html | source : chrome-cve-admin@google.com
https://crbug.com/1454817 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4351

Première publication le : 15-08-2023 18:15:11
Dernière modification le : 15-08-2023 18:23:32

Description :
Use after free in Network in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who has elicited a browser shutdown to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2023-4351
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html | source : chrome-cve-admin@google.com
https://crbug.com/1465833 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4352

Première publication le : 15-08-2023 18:15:11
Dernière modification le : 15-08-2023 18:23:32

Description :
Type confusion in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2023-4352
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html | source : chrome-cve-admin@google.com
https://crbug.com/1452076 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4353

Première publication le : 15-08-2023 18:15:11
Dernière modification le : 15-08-2023 18:23:32

Description :
Heap buffer overflow in ANGLE in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2023-4353
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html | source : chrome-cve-admin@google.com
https://crbug.com/1458046 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4354

Première publication le : 15-08-2023 18:15:11
Dernière modification le : 15-08-2023 18:23:32

Description :
Heap buffer overflow in Skia in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2023-4354
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html | source : chrome-cve-admin@google.com
https://crbug.com/1464215 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4355

Première publication le : 15-08-2023 18:15:11
Dernière modification le : 15-08-2023 18:23:32

Description :
Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2023-4355
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html | source : chrome-cve-admin@google.com
https://crbug.com/1468943 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4356

Première publication le : 15-08-2023 18:15:12
Dernière modification le : 15-08-2023 18:23:32

Description :
Use after free in Audio in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who has convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

CVE ID : CVE-2023-4356
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html | source : chrome-cve-admin@google.com
https://crbug.com/1449929 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4357

Première publication le : 15-08-2023 18:15:12
Dernière modification le : 15-08-2023 18:23:32

Description :
Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)

CVE ID : CVE-2023-4357
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html | source : chrome-cve-admin@google.com
https://crbug.com/1458911 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4358

Première publication le : 15-08-2023 18:15:12
Dernière modification le : 15-08-2023 18:23:32

Description :
Use after free in DNS in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

CVE ID : CVE-2023-4358
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html | source : chrome-cve-admin@google.com
https://crbug.com/1466415 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4359

Première publication le : 15-08-2023 18:15:12
Dernière modification le : 15-08-2023 18:23:32

Description :
Inappropriate implementation in App Launcher in Google Chrome on iOS prior to 116.0.5845.96 allowed a remote attacker to potentially spoof elements of the security UI via a crafted HTML page. (Chromium security severity: Medium)

CVE ID : CVE-2023-4359
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html | source : chrome-cve-admin@google.com
https://crbug.com/1443722 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4360

Première publication le : 15-08-2023 18:15:12
Dernière modification le : 15-08-2023 18:23:32

Description :
Inappropriate implementation in Color in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)

CVE ID : CVE-2023-4360
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html | source : chrome-cve-admin@google.com
https://crbug.com/1462723 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4361

Première publication le : 15-08-2023 18:15:12
Dernière modification le : 15-08-2023 18:23:32

Description :
Inappropriate implementation in Autofill in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Medium)

CVE ID : CVE-2023-4361
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html | source : chrome-cve-admin@google.com
https://crbug.com/1465230 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4362

Première publication le : 15-08-2023 18:15:13
Dernière modification le : 15-08-2023 18:23:32

Description :
Heap buffer overflow in Mojom IDL in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process and gained control of a WebUI process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

CVE ID : CVE-2023-4362
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html | source : chrome-cve-admin@google.com
https://crbug.com/1316379 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4363

Première publication le : 15-08-2023 18:15:13
Dernière modification le : 15-08-2023 18:23:32

Description :
Inappropriate implementation in WebShare in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to spoof the contents of a dialog URL via a crafted HTML page. (Chromium security severity: Medium)

CVE ID : CVE-2023-4363
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html | source : chrome-cve-admin@google.com
https://crbug.com/1367085 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4364

Première publication le : 15-08-2023 18:15:13
Dernière modification le : 15-08-2023 18:23:32

Description :
Inappropriate implementation in Permission Prompts in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)

CVE ID : CVE-2023-4364
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html | source : chrome-cve-admin@google.com
https://crbug.com/1406922 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4365

Première publication le : 15-08-2023 18:15:13
Dernière modification le : 15-08-2023 18:23:32

Description :
Inappropriate implementation in Fullscreen in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)

CVE ID : CVE-2023-4365
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html | source : chrome-cve-admin@google.com
https://crbug.com/1431043 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4366

Première publication le : 15-08-2023 18:15:13
Dernière modification le : 15-08-2023 18:23:32

Description :
Use after free in Extensions in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

CVE ID : CVE-2023-4366
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html | source : chrome-cve-admin@google.com
https://crbug.com/1450784 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4367

Première publication le : 15-08-2023 18:15:13
Dernière modification le : 15-08-2023 18:23:32

Description :
Insufficient policy enforcement in Extensions API in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium)

CVE ID : CVE-2023-4367
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html | source : chrome-cve-admin@google.com
https://crbug.com/1467743 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4368

Première publication le : 15-08-2023 18:15:13
Dernière modification le : 15-08-2023 18:23:32

Description :
Insufficient policy enforcement in Extensions API in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium)

CVE ID : CVE-2023-4368
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html | source : chrome-cve-admin@google.com
https://crbug.com/1467751 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4369

Première publication le : 15-08-2023 18:15:13
Dernière modification le : 15-08-2023 18:23:32

Description :
Insufficient data validation in Systems Extensions in Google Chrome on ChromeOS prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass file restrictions via a crafted HTML page. (Chromium security severity: Medium)

CVE ID : CVE-2023-4369
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html | source : chrome-cve-admin@google.com
https://crbug.com/1464456 | source : chrome-cve-admin@google.com


Source : cert.org

Vulnérabilité ID : CVE-2023-4345

Première publication le : 15-08-2023 18:15:10
Dernière modification le : 15-08-2023 19:15:12

Description :
Broadcom RAID Controller web interface is vulnerable client-side control bypass leads to unauthorized data access for low privileged user

CVE ID : CVE-2023-4345
Source : cret@cert.org
Score CVSS : /

Références :
https://www.broadcom.com/support/resources/product-security-center | source : cret@cert.org


Vulnérabilité ID : CVE-2023-4323

Première publication le : 15-08-2023 19:15:10
Dernière modification le : 15-08-2023 20:01:42

Description :
Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup

CVE ID : CVE-2023-4323
Source : cret@cert.org
Score CVSS : /

Références :
https://www.broadcom.com/support/resources/product-security-center | source : cret@cert.org


Vulnérabilité ID : CVE-2023-4324

Première publication le : 15-08-2023 19:15:10
Dernière modification le : 15-08-2023 20:01:42

Description :
Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers

CVE ID : CVE-2023-4324
Source : cret@cert.org
Score CVSS : /

Références :
https://www.broadcom.com/support/resources/product-security-center | source : cret@cert.org


Vulnérabilité ID : CVE-2023-4325

Première publication le : 15-08-2023 19:15:10
Dernière modification le : 15-08-2023 20:01:35

Description :
Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities

CVE ID : CVE-2023-4325
Source : cret@cert.org
Score CVSS : /

Références :
https://www.broadcom.com/support/resources/product-security-center | source : cret@cert.org


Vulnérabilité ID : CVE-2023-4326

Première publication le : 15-08-2023 19:15:10
Dernière modification le : 15-08-2023 20:01:35

Description :
Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites

CVE ID : CVE-2023-4326
Source : cret@cert.org
Score CVSS : /

Références :
https://www.broadcom.com/support/resources/product-security-center | source : cret@cert.org


Vulnérabilité ID : CVE-2023-4327

Première publication le : 15-08-2023 19:15:11
Dernière modification le : 15-08-2023 20:01:35

Description :
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux

CVE ID : CVE-2023-4327
Source : cret@cert.org
Score CVSS : /

Références :
https://www.broadcom.com/support/resources/product-security-center | source : cret@cert.org


Vulnérabilité ID : CVE-2023-4328

Première publication le : 15-08-2023 19:15:11
Dernière modification le : 15-08-2023 20:01:35

Description :
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux

CVE ID : CVE-2023-4328
Source : cret@cert.org
Score CVSS : /

Références :
https://www.broadcom.com/support/resources/product-security-center | source : cret@cert.org


Vulnérabilité ID : CVE-2023-4329

Première publication le : 15-08-2023 19:15:11
Dernière modification le : 15-08-2023 20:01:35

Description :
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute

CVE ID : CVE-2023-4329
Source : cret@cert.org
Score CVSS : /

Références :
https://www.broadcom.com/support/resources/product-security-center | source : cret@cert.org


Vulnérabilité ID : CVE-2023-4330

Première publication le : 15-08-2023 19:15:11
Dernière modification le : 15-08-2023 20:01:35

Description :
Broadcom RAID Controller web interface is vulnerable Denial of Service can be caused by an authenticated user to the REST API Interface

CVE ID : CVE-2023-4330
Source : cret@cert.org
Score CVSS : /

Références :
https://www.broadcom.com/support/resources/product-security-center | source : cret@cert.org


Vulnérabilité ID : CVE-2023-4331

Première publication le : 15-08-2023 19:15:11
Dernière modification le : 15-08-2023 20:01:35

Description :
Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that support obsolete and vulnerable TLS protocols

CVE ID : CVE-2023-4331
Source : cret@cert.org
Score CVSS : /

Références :
https://www.broadcom.com/support/resources/product-security-center | source : cret@cert.org


Vulnérabilité ID : CVE-2023-4332

Première publication le : 15-08-2023 19:15:11
Dernière modification le : 15-08-2023 20:01:35

Description :
Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file

CVE ID : CVE-2023-4332
Source : cret@cert.org
Score CVSS : /

Références :
https://www.broadcom.com/support/resources/product-security-center | source : cret@cert.org


Vulnérabilité ID : CVE-2023-4333

Première publication le : 15-08-2023 19:15:11
Dernière modification le : 15-08-2023 20:01:35

Description :
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Windows

CVE ID : CVE-2023-4333
Source : cret@cert.org
Score CVSS : /

Références :
https://www.broadcom.com/support/resources/product-security-center | source : cret@cert.org


Vulnérabilité ID : CVE-2023-4334

Première publication le : 15-08-2023 19:15:11
Dernière modification le : 15-08-2023 20:01:35

Description :
Broadcom RAID Controller Web server (nginx) is serving private files without any authentication

CVE ID : CVE-2023-4334
Source : cret@cert.org
Score CVSS : /

Références :
https://www.broadcom.com/support/resources/product-security-center | source : cret@cert.org


Vulnérabilité ID : CVE-2023-4335

Première publication le : 15-08-2023 19:15:11
Dernière modification le : 15-08-2023 20:01:35

Description :
Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on Linux

CVE ID : CVE-2023-4335
Source : cret@cert.org
Score CVSS : /

Références :
https://www.broadcom.com/support/resources/product-security-center | source : cret@cert.org


Vulnérabilité ID : CVE-2023-4336

Première publication le : 15-08-2023 19:15:11
Dernière modification le : 15-08-2023 20:01:35

Description :
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute

CVE ID : CVE-2023-4336
Source : cret@cert.org
Score CVSS : /

Références :
https://www.broadcom.com/support/resources/product-security-center | source : cret@cert.org


Vulnérabilité ID : CVE-2023-4337

Première publication le : 15-08-2023 19:15:11
Dernière modification le : 15-08-2023 20:01:35

Description :
Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation

CVE ID : CVE-2023-4337
Source : cret@cert.org
Score CVSS : /

Références :
https://www.broadcom.com/support/resources/product-security-center | source : cret@cert.org


Vulnérabilité ID : CVE-2023-4338

Première publication le : 15-08-2023 19:15:11
Dernière modification le : 15-08-2023 20:01:35

Description :
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers

CVE ID : CVE-2023-4338
Source : cret@cert.org
Score CVSS : /

Références :
https://www.broadcom.com/support/resources/product-security-center | source : cret@cert.org


Vulnérabilité ID : CVE-2023-4339

Première publication le : 15-08-2023 19:15:11
Dernière modification le : 15-08-2023 20:01:35

Description :
Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions

CVE ID : CVE-2023-4339
Source : cret@cert.org
Score CVSS : /

Références :
https://www.broadcom.com/support/resources/product-security-center | source : cret@cert.org


Vulnérabilité ID : CVE-2023-4340

Première publication le : 15-08-2023 19:15:11
Dernière modification le : 15-08-2023 20:01:35

Description :
Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file

CVE ID : CVE-2023-4340
Source : cret@cert.org
Score CVSS : /

Références :
https://www.broadcom.com/support/resources/product-security-center | source : cret@cert.org


Vulnérabilité ID : CVE-2023-4341

Première publication le : 15-08-2023 19:15:11
Dernière modification le : 15-08-2023 20:01:35

Description :
Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI

CVE ID : CVE-2023-4341
Source : cret@cert.org
Score CVSS : /

Références :
https://www.broadcom.com/support/resources/product-security-center | source : cret@cert.org


Vulnérabilité ID : CVE-2023-4342

Première publication le : 15-08-2023 19:15:11
Dernière modification le : 15-08-2023 20:01:35

Description :
Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy

CVE ID : CVE-2023-4342
Source : cret@cert.org
Score CVSS : /

Références :
https://www.broadcom.com/support/resources/product-security-center | source : cret@cert.org


Vulnérabilité ID : CVE-2023-4343

Première publication le : 15-08-2023 19:15:11
Dernière modification le : 15-08-2023 20:01:35

Description :
Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter

CVE ID : CVE-2023-4343
Source : cret@cert.org
Score CVSS : /

Références :
https://www.broadcom.com/support/resources/product-security-center | source : cret@cert.org


Vulnérabilité ID : CVE-2023-4344

Première publication le : 15-08-2023 19:15:11
Dernière modification le : 15-08-2023 20:01:35

Description :
Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection

CVE ID : CVE-2023-4344
Source : cret@cert.org
Score CVSS : /

Références :
https://www.broadcom.com/support/resources/product-security-center | source : cret@cert.org


Ce site web utilise l'API de la NVD, mais n'est pas approuvé ou certifié par la NVD.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.