diff --git a/docGen/nvd.go b/docGen/nvd.go index a81caab..f57c575 100644 --- a/docGen/nvd.go +++ b/docGen/nvd.go @@ -103,7 +103,7 @@ func generateVulnPages() { wg.Add(1) log.Printf("generating vuln year: %s\n", year) - nvdDir := fmt.Sprintf("vuln-list-nvd/feed/%s/", year) + nvdDir := fmt.Sprintf("vuln-list-nvd/api/%s/", year) cweDir := "vuln-list/cwe" go func(year string) { @@ -405,35 +405,50 @@ func parseVulnerabilityJSONFile(fileName string) (VulnerabilityPost, error) { if err != nil { return VulnerabilityPost{}, err } - vuln.Description = strings.NewReplacer(`"`, ``, `\`, ``, `'`, ``).Replace(string(v.GetStringBytes("cve", "description", "description_data", "0", "value"))) - vuln.ID = string(v.GetStringBytes("cve", "CVE_data_meta", "ID")) - vuln.CWEID = string(v.GetStringBytes("cve", "problemtype", "problemtype_data", "0", "description", "0", "value")) - vuln.CVSS = CVSS{ - V2Vector: string(v.GetStringBytes("impact", "baseMetricV2", "cvssV2", "vectorString")), - V2Score: v.GetFloat64("impact", "baseMetricV2", "cvssV2", "baseScore"), - V3Vector: string(v.GetStringBytes("impact", "baseMetricV3", "cvssV3", "vectorString")), - V3Score: v.GetFloat64("impact", "baseMetricV3", "cvssV3", "baseScore"), + vuln.Description = strings.NewReplacer(`"`, ``, `\`, ``, `'`, ``).Replace(string(v.GetStringBytes("descriptions", "0", "value"))) + vuln.ID = string(v.GetStringBytes("id")) + if cwe := string(v.GetStringBytes("weaknesses", "0", "description", "0", "value")); cwe != "NVD-CWE-noinfo" { + vuln.CWEID = cwe } - vuln.NVDSeverityV2 = string(v.GetStringBytes("impact", "baseMetricV2", "severity")) - vuln.NVDSeverityV3 = string(v.GetStringBytes("impact", "baseMetricV3", "cvssV3", "baseSeverity")) + for _, metricV2 := range v.GetArray("metrics", "cvssMetricV2") { + source := string(metricV2.GetStringBytes("source")) + // Save only NVD metric + if source == "nvd@nist.gov" { + vuln.CVSS.V2Score = metricV2.GetFloat64("cvssData", "baseScore") + vuln.CVSS.V2Vector = string(metricV2.GetStringBytes("cvssData", "vectorString")) + vuln.NVDSeverityV2 = string(metricV2.GetStringBytes("baseSeverity")) + } + } + + // Save NVD metric from v3.1, + // if it doesn't exist - save NVD metric from v3.0 + for _, metricV3 := range append(v.GetArray("metrics", "cvssMetricV31"), v.GetArray("metrics", "cvssMetricV30")...) { + source := string(metricV3.GetStringBytes("source")) + // Save only NVD metric + if source == "nvd@nist.gov" { + vuln.CVSS.V3Score = metricV3.GetFloat64("cvssData", "baseScore") + vuln.CVSS.V3Vector = string(metricV3.GetStringBytes("cvssData", "vectorString")) + vuln.NVDSeverityV3 = string(metricV3.GetStringBytes("cvssData", "baseSeverity")) + } + } - publishedDate, _ := time.Parse("2006-01-02T04:05Z", string(v.GetStringBytes("publishedDate"))) - modifiedDate, _ := time.Parse("2006-01-02T04:05Z", string(v.GetStringBytes("lastModifiedDate"))) + publishedDate, _ := time.Parse("2006-01-02T15:04:05", string(v.GetStringBytes("published"))) + modifiedDate, _ := time.Parse("2006-01-02T15:04:05", string(v.GetStringBytes("lastModified"))) vuln.Dates = Dates{ Published: publishedDate.UTC().Format("2006-01-02 03:04:05 -0700"), Modified: modifiedDate.UTC().Format("2006-01-02 03:04:05 -0700"), } var refs []string - for _, r := range v.GetArray("cve", "references", "reference_data") { + for _, r := range v.GetArray("references") { refs = append(refs, strings.ReplaceAll(r.Get("url").String(), `"`, ``)) } vuln.References = refs - affectedSoftwares := v.GetArray("configurations", "nodes", "0", "cpe_match") // TODO: This logic should be improved to iterate over list of lists + affectedSoftwares := v.GetArray("configurations", "0", "nodes", "0", "cpeMatch") // TODO: This logic should be improved to iterate over list of lists for _, as := range affectedSoftwares { - uri := string(as.GetStringBytes("cpe23Uri")) + uri := string(as.GetStringBytes("criteria")) item, err := cpe.NewItemFromFormattedString(uri) if err != nil { continue diff --git a/docGen/nvd_test.go b/docGen/nvd_test.go index b8a337c..2a3f1e2 100644 --- a/docGen/nvd_test.go +++ b/docGen/nvd_test.go @@ -22,10 +22,9 @@ func TestParseVulnerabilityJSONFile(t *testing.T) { Layout: "vulnerability", Title: "CVE-2020-0001", By: "NVD", - Date: "2020-01-08 12:19:15 +0000", + Date: "2020-01-08 07:15:12 +0000", Vulnerability: Vulnerability{ ID: "CVE-2020-0001", - CWEID: "CWE-269", Description: "In getProcessRecordLocked of ActivityManagerService.java isolated apps are not handled correctly. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0, Android-8.1, Android-9, and Android-10 Android ID: A-140055304", References: []string{ "https://source.android.com/security/bulletin/2020-01-01", @@ -37,8 +36,8 @@ func TestParseVulnerabilityJSONFile(t *testing.T) { V3Score: 7.8, }, Dates: Dates{ - Published: "2020-01-08 12:19:15 +0000", - Modified: "2020-01-14 12:21:52 +0000", + Published: "2020-01-08 07:15:12 +0000", + Modified: "2021-07-21 11:39:23 +0000", }, NVDSeverityV2: "HIGH", NVDSeverityV3: "HIGH", @@ -77,12 +76,13 @@ func TestParseVulnerabilityJSONFile(t *testing.T) { Layout: "vulnerability", Title: "CVE-2020-11932", By: "NVD", - Date: "2020-05-13 12:01:15 +0000", + Date: "2020-05-13 01:15:12 +0000", Vulnerability: Vulnerability{ ID: "CVE-2020-11932", CWEID: "CWE-532", Description: "It was discovered that the Subiquity installer for Ubuntu Server logged the LUKS full disk encryption password if one was entered.", References: []string{ + "https://aliceandbob.company/the-human-factor-in-an-economy-of-scale", "https://github.com/CanonicalLtd/subiquity/commit/7db70650feaf513d7fb6f1ca07f2d670a0890613", }, CVSS: CVSS{ @@ -92,8 +92,8 @@ func TestParseVulnerabilityJSONFile(t *testing.T) { V3Score: 2.3, }, Dates: Dates{ - Published: "2020-05-13 12:01:15 +0000", - Modified: "2020-05-18 12:17:59 +0000", + Published: "2020-05-13 01:15:12 +0000", + Modified: "2020-08-03 06:15:11 +0000", }, NVDSeverityV2: "LOW", NVDSeverityV3: "LOW", @@ -114,50 +114,29 @@ func TestParseVulnerabilityJSONFile(t *testing.T) { Layout: "vulnerability", Title: "CVE-2022-2788", By: "NVD", - Date: "2020-01-08 12:19:15 +0000", + Date: "2022-08-19 09:15:08 +0000", Vulnerability: Vulnerability{ ID: "CVE-2022-2788", - CWEID: "CWE-269", + CWEID: "CWE-22", Description: "Emerson Electrics Proficy Machine Edition Version 9.80 and prior is vulnerable to CWE-29 Path Traversal: ..Filename, also known as a ZipSlip attack, through an upload procedure which enables attackers to implant a malicious .BLZ file on the PLC. The file can transfer through the engineering station onto Windows in a way that executes the malicious code.", References: []string{ - "https://source.android.com/security/bulletin/2020-01-01", + "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-06", }, CVSS: CVSS{ - V2Vector: "AV:L/AC:L/Au:N/C:C/I:C/A:C", - V2Score: 7.2, - V3Vector: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", - V3Score: 7.8, + V3Vector: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", + V3Score: 7.3, }, Dates: Dates{ - Published: "2020-01-08 12:19:15 +0000", - Modified: "2020-01-14 12:21:52 +0000", + Published: "2022-08-19 09:15:08 +0000", + Modified: "2023-06-28 02:25:03 +0000", }, - NVDSeverityV2: "HIGH", NVDSeverityV3: "HIGH", AffectedSoftware: []AffectedSoftware{ { - Name: "android", - Vendor: "google", - StartVersion: "8.0", - EndVersion: "8.0", - }, - { - Name: "android", - Vendor: "google", - StartVersion: "8.1", - EndVersion: "8.1", - }, - { - Name: "android", - Vendor: "google", - StartVersion: "9.0", - EndVersion: "9.0", - }, - { - Name: "android", - Vendor: "google", - StartVersion: "10.0", - EndVersion: "10.0", + Name: "electric's_proficy", + Vendor: "emerson", + StartVersion: "*", + EndVersion: "9.80", }, }, }, diff --git a/goldens/json/nvd/CVE-2020-0001.json b/goldens/json/nvd/CVE-2020-0001.json index 7b70300..ea88d56 100644 --- a/goldens/json/nvd/CVE-2020-0001.json +++ b/goldens/json/nvd/CVE-2020-0001.json @@ -1,112 +1,119 @@ { - "configurations": { - "CVE_data_version": "4.0", - "nodes": [ + "id": "CVE-2020-0001", + "sourceIdentifier": "security@android.com", + "published": "2020-01-08T19:15:12.843", + "lastModified": "2021-07-21T11:39:23.747", + "vulnStatus": "Analyzed", + "descriptions": [ + { + "lang": "en", + "value": "In getProcessRecordLocked of ActivityManagerService.java isolated apps are not handled correctly. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0, Android-8.1, Android-9, and Android-10 Android ID: A-140055304" + }, + { + "lang": "es", + "value": "En la función getProcessRecordLocked del archivo ActivityManagerService.java, las aplicaciones aisladas no son manejadas correctamente. Esto podría conllevar a una escalada local de privilegios sin ser necesarios privilegios de ejecución adicionales. No es requerida una interacción del usuario para su explotación. Producto: Android, Versiones: Android-8.0, Android-8.1, Android-9 y Android-10, ID de Android: A-140055304." + } + ], + "metrics": { + "cvssMetricV31": [ { - "cpe_match": [ - { - "cpe23Uri": "cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*", - "vulnerable": true - }, - { - "cpe23Uri": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*", - "vulnerable": true - }, - { - "cpe23Uri": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*", - "vulnerable": true - }, - { - "cpe23Uri": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", - "vulnerable": true - } - ], - "operator": "OR" + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], + "cvssMetricV2": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", + "accessVector": "LOCAL", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "COMPLETE", + "integrityImpact": "COMPLETE", + "availabilityImpact": "COMPLETE", + "baseScore": 7.2 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 3.9, + "impactScore": 10, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false } ] }, - "cve": { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-0001" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ { "lang": "en", - "value": "In getProcessRecordLocked of ActivityManagerService.java isolated apps are not handled correctly. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0, Android-8.1, Android-9, and Android-10 Android ID: A-140055304" + "value": "NVD-CWE-noinfo" } ] - }, - "problemtype": { - "problemtype_data": [ + } + ], + "configurations": [ + { + "nodes": [ { - "description": [ + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "B578E383-0D77-4AC7-9C81-3F0B8C18E033" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*", + "matchCriteriaId": "B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2" + }, { - "lang": "en", - "value": "CWE-269" + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*", + "matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3" } ] } ] - }, - "references": { - "reference_data": [ - { - "name": "https://source.android.com/security/bulletin/2020-01-01", - "refsource": "CONFIRM", - "tags": [ - "Vendor Advisory" - ], - "url": "https://source.android.com/security/bulletin/2020-01-01" - } - ] } - }, - "impact": { - "baseMetricV2": { - "acInsufInfo": false, - "cvssV2": { - "accessComplexity": "LOW", - "accessVector": "LOCAL", - "authentication": "NONE", - "availabilityImpact": "COMPLETE", - "baseScore": 7.2, - "confidentialityImpact": "COMPLETE", - "integrityImpact": "COMPLETE", - "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", - "version": "2.0" - }, - "exploitabilityScore": 3.9, - "impactScore": 10, - "obtainAllPrivilege": false, - "obtainOtherPrivilege": false, - "obtainUserPrivilege": false, - "severity": "HIGH", - "userInteractionRequired": false - }, - "baseMetricV3": { - "cvssV3": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", - "version": "3.1" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 + ], + "references": [ + { + "url": "https://source.android.com/security/bulletin/2020-01-01", + "source": "security@android.com", + "tags": [ + "Vendor Advisory" + ] } - }, - "lastModifiedDate": "2020-01-14T21:52Z", - "publishedDate": "2020-01-08T19:15Z" -} + ] +} \ No newline at end of file diff --git a/goldens/json/nvd/CVE-2020-0002.json b/goldens/json/nvd/CVE-2020-0002.json index 6064f08..54d6c6a 100644 --- a/goldens/json/nvd/CVE-2020-0002.json +++ b/goldens/json/nvd/CVE-2020-0002.json @@ -1,112 +1,124 @@ { - "configurations": { - "CVE_data_version": "4.0", - "nodes": [ + "id": "CVE-2020-0002", + "sourceIdentifier": "security@android.com", + "published": "2020-01-08T19:15:12.923", + "lastModified": "2022-01-01T20:01:34.303", + "vulnStatus": "Analyzed", + "descriptions": [ + { + "lang": "en", + "value": "In ih264d_init_decoder of ih264d_api.c, there is a possible out of bounds write due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation Product: Android Versions: Android-8.0, Android-8.1, Android-9, and Android-10 Android ID: A-142602711" + }, + { + "lang": "es", + "value": "En la función ih264d_init_decoder del archivo ih264d_api.c, hay una posible escritura fuera de límites debido a un uso de la memoria previamente liberada. Esto podría conllevar a una ejecución de código remota sin ser necesarios privilegios de ejecución adicionales. Es requerida una interacción del usuario para su explotación Producto: Android, Versiones: Android-8.0, Android-8.1, Android-9 y Android-10, ID de Android: A-142602711." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], + "cvssMetricV2": [ { - "cpe_match": [ - { - "cpe23Uri": "cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*", - "vulnerable": true, - "versionEndIncluding": "1.1.1c", - "versionStartIncluding": "1.1.1" - }, - { - "cpe23Uri": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*", - "vulnerable": true - }, - { - "cpe23Uri": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*", - "vulnerable": true - }, - { - "cpe23Uri": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", - "vulnerable": true - } - ], - "operator": "OR" + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", + "accessVector": "NETWORK", + "accessComplexity": "MEDIUM", + "authentication": "NONE", + "confidentialityImpact": "COMPLETE", + "integrityImpact": "COMPLETE", + "availabilityImpact": "COMPLETE", + "baseScore": 9.3 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 8.6, + "impactScore": 10, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": true } ] }, - "cve": { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-0002" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ { "lang": "en", - "value": "In ih264d_init_decoder of ih264d_api.c, there is a possible out of bounds write due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation Product: Android Versions: Android-8.0, Android-8.1, Android-9, and Android-10 Android ID: A-142602711" + "value": "CWE-416" + }, + { + "lang": "en", + "value": "CWE-787" } ] - }, - "problemtype": { - "problemtype_data": [ + } + ], + "configurations": [ + { + "nodes": [ { - "description": [ + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "B578E383-0D77-4AC7-9C81-3F0B8C18E033" + }, { - "lang": "en", - "value": "CWE-416" + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*", + "matchCriteriaId": "B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*", + "matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3" } ] } ] - }, - "references": { - "reference_data": [ - { - "name": "https://source.android.com/security/bulletin/2020-01-01", - "refsource": "CONFIRM", - "tags": [], - "url": "https://source.android.com/security/bulletin/2020-01-01" - } - ] } - }, - "impact": { - "baseMetricV2": { - "acInsufInfo": false, - "cvssV2": { - "accessComplexity": "MEDIUM", - "accessVector": "NETWORK", - "authentication": "NONE", - "availabilityImpact": "COMPLETE", - "baseScore": 9.3, - "confidentialityImpact": "COMPLETE", - "integrityImpact": "COMPLETE", - "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", - "version": "2.0" - }, - "exploitabilityScore": 8.6, - "impactScore": 10, - "obtainAllPrivilege": false, - "obtainOtherPrivilege": false, - "obtainUserPrivilege": false, - "severity": "HIGH", - "userInteractionRequired": true - }, - "baseMetricV3": { - "cvssV3": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.1" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 + ], + "references": [ + { + "url": "https://source.android.com/security/bulletin/2020-01-01", + "source": "security@android.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } - }, - "lastModifiedDate": "2020-01-29T21:15Z", - "publishedDate": "2020-01-08T19:15Z" + ] } \ No newline at end of file diff --git a/goldens/json/nvd/CVE-2020-11932.json b/goldens/json/nvd/CVE-2020-11932.json index 083fd42..539d3f9 100644 --- a/goldens/json/nvd/CVE-2020-11932.json +++ b/goldens/json/nvd/CVE-2020-11932.json @@ -1,102 +1,140 @@ { - "configurations": { - "CVE_data_version": "4.0", - "nodes": [ + "id": "CVE-2020-11932", + "sourceIdentifier": "security@ubuntu.com", + "published": "2020-05-13T01:15:12.130", + "lastModified": "2020-08-03T18:15:11.710", + "vulnStatus": "Modified", + "descriptions": [ + { + "lang": "en", + "value": "It was discovered that the Subiquity installer for Ubuntu Server logged the LUKS full disk encryption password if one was entered." + }, + { + "lang": "es", + "value": "Se detectó que el instalador de Subiquity para Ubuntu Server, registraba la contraseña completa de cifrado de disco de LUKS si una era ingresada." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 2.3, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 0.8, + "impactScore": 1.4 + }, + { + "source": "security@ubuntu.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 2.3, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 0.8, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ { - "cpe_match": [ - { - "cpe23Uri": "cpe:2.3:a:canonical:subiquity:*:*:*:*:*:*:*:*", - "versionEndExcluding": "20.05.2", - "vulnerable": true - } - ], - "operator": "OR" + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", + "accessVector": "LOCAL", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 2.1 + }, + "baseSeverity": "LOW", + "exploitabilityScore": 3.9, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false } ] }, - "cve": { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-11932" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ { "lang": "en", - "value": "It was discovered that the Subiquity installer for Ubuntu Server logged the LUKS full disk encryption password if one was entered." + "value": "CWE-532" } ] }, - "problemtype": { - "problemtype_data": [ + { + "source": "security@ubuntu.com", + "type": "Secondary", + "description": [ { - "description": [ - { - "lang": "en", - "value": "CWE-532" - } - ] + "lang": "en", + "value": "CWE-532" } ] - }, - "references": { - "reference_data": [ + } + ], + "configurations": [ + { + "nodes": [ { - "name": "https://github.com/CanonicalLtd/subiquity/commit/7db70650feaf513d7fb6f1ca07f2d670a0890613", - "refsource": "MISC", - "tags": [ - "Patch", - "Third Party Advisory" - ], - "url": "https://github.com/CanonicalLtd/subiquity/commit/7db70650feaf513d7fb6f1ca07f2d670a0890613" + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:canonical:subiquity:*:*:*:*:*:*:*:*", + "matchCriteriaId": "5285647F-F58C-4842-B180-1A04D602212A", + "versionEndExcluding": "20.05.2" + } + ] } ] } - }, - "impact": { - "baseMetricV2": { - "acInsufInfo": false, - "cvssV2": { - "accessComplexity": "LOW", - "accessVector": "LOCAL", - "authentication": "NONE", - "availabilityImpact": "NONE", - "baseScore": 2.1, - "confidentialityImpact": "PARTIAL", - "integrityImpact": "NONE", - "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", - "version": "2.0" - }, - "exploitabilityScore": 3.9, - "impactScore": 2.9, - "obtainAllPrivilege": false, - "obtainOtherPrivilege": false, - "obtainUserPrivilege": false, - "severity": "LOW", - "userInteractionRequired": false + ], + "references": [ + { + "url": "https://aliceandbob.company/the-human-factor-in-an-economy-of-scale", + "source": "security@ubuntu.com" }, - "baseMetricV3": { - "cvssV3": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "NONE", - "baseScore": 2.3, - "baseSeverity": "LOW", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "privilegesRequired": "HIGH", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", - "version": "3.1" - }, - "exploitabilityScore": 0.8, - "impactScore": 1.4 + { + "url": "https://github.com/CanonicalLtd/subiquity/commit/7db70650feaf513d7fb6f1ca07f2d670a0890613", + "source": "security@ubuntu.com", + "tags": [ + "Patch", + "Third Party Advisory" + ] } - }, - "lastModifiedDate": "2020-05-18T17:59Z", - "publishedDate": "2020-05-13T01:15Z" -} + ] +} \ No newline at end of file diff --git a/goldens/json/nvd/CVE-2022-2788.json b/goldens/json/nvd/CVE-2022-2788.json index 42b3985..62a4d86 100644 --- a/goldens/json/nvd/CVE-2022-2788.json +++ b/goldens/json/nvd/CVE-2022-2788.json @@ -1,112 +1,112 @@ { - "configurations": { - "CVE_data_version": "4.0", - "nodes": [ + "id": "CVE-2022-2788", + "sourceIdentifier": "ics-cert@hq.dhs.gov", + "published": "2022-08-19T21:15:08.403", + "lastModified": "2023-06-28T14:25:03.167", + "vulnStatus": "Analyzed", + "descriptions": [ + { + "lang": "en", + "value": "Emerson Electric's Proficy Machine Edition Version 9.80 and prior is vulnerable to CWE-29 Path Traversal: '\\..\\Filename', also known as a ZipSlip attack, through an upload procedure which enables attackers to implant a malicious .BLZ file on the PLC. The file can transfer through the engineering station onto Windows in a way that executes the malicious code." + }, + { + "lang": "es", + "value": "Emerson Electrics Proficy Machine Edition versiones 9.80 y anteriores, es vulnerable a CWE-29 Salto de Ruta: '\\..\\Filename\", también se conoce como ataque ZipSlip, mediante un procedimiento de carga que permite a atacantes implantar un archivo .BLZ malicioso en el PLC. El archivo puede transferirse mediante la estación de ingeniería a Windows de forma que sea ejecutado el código malicioso." + } + ], + "metrics": { + "cvssMetricV31": [ { - "cpe_match": [ - { - "cpe23Uri": "cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*", - "vulnerable": true - }, - { - "cpe23Uri": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*", - "vulnerable": true - }, - { - "cpe23Uri": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*", - "vulnerable": true - }, - { - "cpe23Uri": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", - "vulnerable": true - } - ], - "operator": "OR" + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.3, + "impactScore": 5.9 + }, + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 3.9, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.3, + "impactScore": 2.5 } ] }, - "cve": { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2022-2788" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ { "lang": "en", - "value": "Emerson Electric's Proficy Machine Edition Version 9.80 and prior is vulnerable to CWE-29 Path Traversal: '\\..\\Filename', also known as a ZipSlip attack, through an upload procedure which enables attackers to implant a malicious .BLZ file on the PLC. The file can transfer through the engineering station onto Windows in a way that executes the malicious code." + "value": "CWE-22" } ] }, - "problemtype": { - "problemtype_data": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "description": [ { - "description": [ - { - "lang": "en", - "value": "CWE-269" - } - ] + "lang": "en", + "value": "CWE-29" } ] - }, - "references": { - "reference_data": [ + } + ], + "configurations": [ + { + "nodes": [ { - "name": "https://source.android.com/security/bulletin/2020-01-01", - "refsource": "CONFIRM", - "tags": [ - "Vendor Advisory" - ], - "url": "https://source.android.com/security/bulletin/2020-01-01" + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:emerson:electric\\'s_proficy:*:*:*:*:machine:*:*:*", + "matchCriteriaId": "78333757-4370-4673-BE1C-B76FD6BE58C4", + "versionEndIncluding": "9.80" + } + ] } ] } - }, - "impact": { - "baseMetricV2": { - "acInsufInfo": false, - "cvssV2": { - "accessComplexity": "LOW", - "accessVector": "LOCAL", - "authentication": "NONE", - "availabilityImpact": "COMPLETE", - "baseScore": 7.2, - "confidentialityImpact": "COMPLETE", - "integrityImpact": "COMPLETE", - "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", - "version": "2.0" - }, - "exploitabilityScore": 3.9, - "impactScore": 10, - "obtainAllPrivilege": false, - "obtainOtherPrivilege": false, - "obtainUserPrivilege": false, - "severity": "HIGH", - "userInteractionRequired": false - }, - "baseMetricV3": { - "cvssV3": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", - "version": "3.1" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 + ], + "references": [ + { + "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-06", + "source": "ics-cert@hq.dhs.gov", + "tags": [ + "Mitigation", + "Third Party Advisory", + "US Government Resource" + ] } - }, - "lastModifiedDate": "2020-01-14T21:52Z", - "publishedDate": "2020-01-08T19:15Z" -} + ] +} \ No newline at end of file